Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Linux Analysis Report
Aqua.arm5.elf

Overview

General Information

Sample name:Aqua.arm5.elf
Analysis ID:1569921
MD5:2da1798fbb916db08633e3e21c7dd051
SHA1:f92a83277889f4228cba05e58e3a9976f0e5f534
SHA256:6196cb20d16b99920b874df4abd3e0a6b0becbd3355651fd2d38448933824267
Tags:elfMiraiuser-lontze7
Infos:

Detection

Mirai
Score:92
Range:0 - 100
Whitelisted:false

Signatures

Antivirus / Scanner detection for submitted sample
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Yara detected Mirai
Reads system files that contain records of logged in users
Sample deletes itself
Sample reads /proc/mounts (often used for finding a writable filesystem)
Sample tries to kill multiple processes (SIGKILL)
Sends malformed DNS queries
Creates hidden files and/or directories
Deletes log files
Detected TCP or UDP traffic on non-standard ports
Enumerates processes within the "proc" file system
Executes commands using a shell command-line interpreter
Executes the "grep" command used to find patterns in files or piped streams
Executes the "kill" or "pkill" command typically used to terminate processes
Executes the "rm" command used to delete files or directories
Found strings indicative of a multi-platform dropper
HTTP GET or POST without a user agent
Reads CPU information from /sys indicative of miner or evasive malware
Reads system version information
Reads the 'hosts' file potentially containing internal network hosts
Sample has stripped symbol table
Sample listens on a socket
Sample tries to kill a process (SIGKILL)
Sample tries to set the executable flag
Uses the "uname" system call to query kernel version information (possible evasion)
Yara signature match

Classification

General Information

Joe Sandbox version:41.0.0 Charoite
Analysis ID:1569921
Start date and time:2024-12-06 11:41:17 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 4m 22s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:Aqua.arm5.elf
Detection:MAL
Classification:mal92.spre.troj.evad.linELF@0/29@120/0

Warnings

  • Connection to analysis system has been lost, crash info: Unknown
  • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
  • VT rate limit hit for: Aqua.arm5.elf

Runtime Messages

Command:/tmp/Aqua.arm5.elf
PID:6250
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:
about to cum inside a femboy btw
Standard Error:

Process Tree

  • system is lnxubuntu20
  • dash New Fork (PID: 6224, Parent: 4331)
  • rm (PID: 6224, Parent: 4331, MD5: aa2b5496fdbfd88e38791ab81f90b95b) Arguments: rm -f /tmp/tmp.f8NtUib4dg /tmp/tmp.QwVtZeApeT /tmp/tmp.ExO63KUjCm
  • dash New Fork (PID: 6225, Parent: 4331)
  • rm (PID: 6225, Parent: 4331, MD5: aa2b5496fdbfd88e38791ab81f90b95b) Arguments: rm -f /tmp/tmp.f8NtUib4dg /tmp/tmp.QwVtZeApeT /tmp/tmp.ExO63KUjCm
  • Aqua.arm5.elf (PID: 6250, Parent: 6153, MD5: 5ebfcae4fe2471fcc5695c2394773ff1) Arguments: /tmp/Aqua.arm5.elf
  • sh (PID: 6256, Parent: 1477, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-rfkill
  • gsd-rfkill (PID: 6256, Parent: 1477, MD5: 88a16a3c0aba1759358c06215ecfb5cc) Arguments: /usr/libexec/gsd-rfkill
  • systemd New Fork (PID: 6261, Parent: 1)
  • systemd-hostnamed (PID: 6261, Parent: 1, MD5: 2cc8a5576629a2d5bd98e49a4b8bef65) Arguments: /lib/systemd/systemd-hostnamed
  • gdm3 New Fork (PID: 6392, Parent: 1320)
  • Default (PID: 6392, Parent: 1320, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
  • gdm3 New Fork (PID: 6393, Parent: 1320)
  • Default (PID: 6393, Parent: 1320, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
  • gdm3 New Fork (PID: 6406, Parent: 1320)
  • Default (PID: 6406, Parent: 1320, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
  • systemd New Fork (PID: 6409, Parent: 1)
  • dbus-daemon (PID: 6409, Parent: 1, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
  • systemd New Fork (PID: 6410, Parent: 1860)
  • pulseaudio (PID: 6410, Parent: 1860, MD5: 0c3b4c789d8ffb12b25507f27e14c186) Arguments: /usr/bin/pulseaudio --daemonize=no --log-target=journal
  • systemd New Fork (PID: 6411, Parent: 1)
  • rsyslogd (PID: 6411, Parent: 1, MD5: 0b8087fc907c42eb3c81a691db258e33) Arguments: /usr/sbin/rsyslogd -n -iNONE
  • systemd New Fork (PID: 6420, Parent: 1)
  • rtkit-daemon (PID: 6420, Parent: 1, MD5: df0cacf1db4ec95ac70f5b6e06b8ffd7) Arguments: /usr/libexec/rtkit-daemon
  • systemd New Fork (PID: 6423, Parent: 1)
  • systemd-logind (PID: 6423, Parent: 1, MD5: 8dd58a1b4c12f7a1d5fe3ce18b2aaeef) Arguments: /lib/systemd/systemd-logind
  • systemd New Fork (PID: 6485, Parent: 1)
  • polkitd (PID: 6485, Parent: 1, MD5: 8efc9b4b5b524210ad2ea1954a9d0e69) Arguments: /usr/lib/policykit-1/polkitd --no-debug
  • fusermount (PID: 6486, Parent: 2038, MD5: 576a1b135c82bdcbc97a91acea900566) Arguments: fusermount -u -q -z -- /run/user/1000/gvfs
  • systemd New Fork (PID: 6493, Parent: 1)
  • gpu-manager (PID: 6493, Parent: 1, MD5: 8fae9dd5dd67e1f33d873089c2fd8761) Arguments: /usr/bin/gpu-manager --log /var/log/gpu-manager.log
    • sh (PID: 6496, Parent: 6493, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf"
      • sh New Fork (PID: 6499, Parent: 6496)
      • grep (PID: 6499, Parent: 6496, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
    • sh (PID: 6501, Parent: 6493, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /lib/modprobe.d/*.conf"
      • sh New Fork (PID: 6502, Parent: 6501)
      • grep (PID: 6502, Parent: 6501, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*nvidia[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
    • sh (PID: 6507, Parent: 6493, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /etc/modprobe.d/*.conf"
      • sh New Fork (PID: 6508, Parent: 6507)
      • grep (PID: 6508, Parent: 6507, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*radeon[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
    • sh (PID: 6509, Parent: 6493, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /lib/modprobe.d/*.conf"
      • sh New Fork (PID: 6510, Parent: 6509)
      • grep (PID: 6510, Parent: 6509, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*radeon[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
    • sh (PID: 6511, Parent: 6493, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /etc/modprobe.d/*.conf"
      • sh New Fork (PID: 6512, Parent: 6511)
      • grep (PID: 6512, Parent: 6511, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*amdgpu[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
    • sh (PID: 6515, Parent: 6493, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /lib/modprobe.d/*.conf"
      • sh New Fork (PID: 6517, Parent: 6515)
      • grep (PID: 6517, Parent: 6515, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*amdgpu[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
    • sh (PID: 6519, Parent: 6493, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /etc/modprobe.d/*.conf"
      • sh New Fork (PID: 6520, Parent: 6519)
      • grep (PID: 6520, Parent: 6519, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*nouveau[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
    • sh (PID: 6521, Parent: 6493, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /lib/modprobe.d/*.conf"
      • sh New Fork (PID: 6522, Parent: 6521)
      • grep (PID: 6522, Parent: 6521, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*nouveau[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
  • systemd New Fork (PID: 6495, Parent: 1)
  • dbus-daemon (PID: 6495, Parent: 1, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
  • systemd New Fork (PID: 6500, Parent: 1)
  • rsyslogd (PID: 6500, Parent: 1, MD5: 0b8087fc907c42eb3c81a691db258e33) Arguments: /usr/sbin/rsyslogd -n -iNONE
  • systemd New Fork (PID: 6513, Parent: 1)
  • agetty (PID: 6513, Parent: 1, MD5: 3a374724ba7e863768139bdd60ca36f7) Arguments: /sbin/agetty -o "-p -- \\u" --noclear tty2 linux
  • systemd New Fork (PID: 6524, Parent: 1)
  • generate-config (PID: 6524, Parent: 1, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /usr/share/gdm/generate-config
    • pkill (PID: 6525, Parent: 6524, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill --signal HUP --uid gdm dconf-service
  • systemd New Fork (PID: 6528, Parent: 1)
  • gdm-wait-for-drm (PID: 6528, Parent: 1, MD5: 82043ba752c6930b4e6aaea2f7747545) Arguments: /usr/lib/gdm3/gdm-wait-for-drm
  • systemd New Fork (PID: 6533, Parent: 1)
  • dbus-daemon (PID: 6533, Parent: 1, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
  • systemd New Fork (PID: 6534, Parent: 1)
  • rsyslogd (PID: 6534, Parent: 1, MD5: 0b8087fc907c42eb3c81a691db258e33) Arguments: /usr/sbin/rsyslogd -n -iNONE
  • systemd New Fork (PID: 6535, Parent: 1)
  • agetty (PID: 6535, Parent: 1, MD5: 3a374724ba7e863768139bdd60ca36f7) Arguments: /sbin/agetty -o "-p -- \\u" --noclear tty2 linux
  • systemd New Fork (PID: 6543, Parent: 1)
  • systemd-logind (PID: 6543, Parent: 1, MD5: 8dd58a1b4c12f7a1d5fe3ce18b2aaeef) Arguments: /lib/systemd/systemd-logind
  • systemd New Fork (PID: 6605, Parent: 1)
  • gdm3 (PID: 6605, Parent: 1, MD5: 2492e2d8d34f9377e3e530a61a15674f) Arguments: /usr/sbin/gdm3
    • gdm3 New Fork (PID: 6608, Parent: 6605)
    • plymouth (PID: 6608, Parent: 6605, MD5: 87003efd8dad470042f5e75360a8f49f) Arguments: plymouth --ping
    • gdm3 New Fork (PID: 6622, Parent: 6605)
    • gdm-session-worker (PID: 6622, Parent: 6605, MD5: 692243754bd9f38fe9bd7e230b5c060a) Arguments: "gdm-session-worker [pam/gdm-launch-environment]"
      • gdm-wayland-session (PID: 6626, Parent: 6622, MD5: d3def63cf1e83f7fb8a0f13b1744ff7c) Arguments: /usr/lib/gdm3/gdm-wayland-session "dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart"
        • dbus-daemon (PID: 6628, Parent: 6626, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: dbus-daemon --print-address 3 --session
          • dbus-daemon New Fork (PID: 6630, Parent: 6628)
            • false (PID: 6631, Parent: 6630, MD5: 3177546c74e4f0062909eae43d948bfc) Arguments: /bin/false
        • dbus-run-session (PID: 6632, Parent: 6626, MD5: 245f3ef6a268850b33b0225a8753b7f4) Arguments: dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart
          • dbus-daemon (PID: 6633, Parent: 6632, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: dbus-daemon --nofork --print-address 4 --session
    • gdm3 New Fork (PID: 6636, Parent: 6605)
    • Default (PID: 6636, Parent: 6605, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
    • gdm3 New Fork (PID: 6637, Parent: 6605)
    • Default (PID: 6637, Parent: 6605, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
  • systemd New Fork (PID: 6609, Parent: 1)
  • accounts-daemon (PID: 6609, Parent: 1, MD5: 01a899e3fb5e7e434bea1290255a1f30) Arguments: /usr/lib/accountsservice/accounts-daemon
    • language-validate (PID: 6613, Parent: 6609, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /usr/share/language-tools/language-validate en_US.UTF-8
      • language-options (PID: 6614, Parent: 6613, MD5: 16a21f464119ea7fad1d3660de963637) Arguments: /usr/share/language-tools/language-options
        • sh (PID: 6615, Parent: 6614, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "locale -a | grep -F .utf8 "
          • sh New Fork (PID: 6616, Parent: 6615)
          • locale (PID: 6616, Parent: 6615, MD5: c72a78792469db86d91369c9057f20d2) Arguments: locale -a
          • sh New Fork (PID: 6617, Parent: 6615)
          • grep (PID: 6617, Parent: 6615, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -F .utf8
  • systemd New Fork (PID: 6618, Parent: 1)
  • polkitd (PID: 6618, Parent: 1, MD5: 8efc9b4b5b524210ad2ea1954a9d0e69) Arguments: /usr/lib/policykit-1/polkitd --no-debug
  • systemd New Fork (PID: 6667, Parent: 1860)
  • dbus-daemon (PID: 6667, Parent: 1860, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: /usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
  • systemd New Fork (PID: 6673, Parent: 1860)
  • pulseaudio (PID: 6673, Parent: 1860, MD5: 0c3b4c789d8ffb12b25507f27e14c186) Arguments: /usr/bin/pulseaudio --daemonize=no --log-target=journal
  • systemd New Fork (PID: 6674, Parent: 1)
  • rtkit-daemon (PID: 6674, Parent: 1, MD5: df0cacf1db4ec95ac70f5b6e06b8ffd7) Arguments: /usr/libexec/rtkit-daemon
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
MiraiMirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/elf.mirai

Yara Signatures

Initial Sample

SourceRuleDescriptionAuthorStrings
Aqua.arm5.elfJoeSecurity_Mirai_8Yara detected MiraiJoe Security
    Aqua.arm5.elfLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
    • 0x20d74:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x20d88:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x20d9c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x20db0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x20dc4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x20dd8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x20dec:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x20e00:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x20e14:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x20e28:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x20e3c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x20e50:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x20e64:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x20e78:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x20e8c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x20ea0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x20eb4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x20ec8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x20edc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x20ef0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x20f04:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    6254.1.00007fd614017000.00007fd61403b000.r-x.sdmpJoeSecurity_Mirai_8Yara detected MiraiJoe Security
      6254.1.00007fd614017000.00007fd61403b000.r-x.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
      • 0x20d74:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x20d88:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x20d9c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x20db0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x20dc4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x20dd8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x20dec:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x20e00:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x20e14:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x20e28:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x20e3c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x20e50:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x20e64:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x20e78:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x20e8c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x20ea0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x20eb4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x20ec8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x20edc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x20ef0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x20f04:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      6250.1.00007fd614017000.00007fd61403b000.r-x.sdmpJoeSecurity_Mirai_8Yara detected MiraiJoe Security
        6250.1.00007fd614017000.00007fd61403b000.r-x.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
        • 0x20d74:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x20d88:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x20d9c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x20db0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x20dc4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x20dd8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x20dec:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x20e00:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x20e14:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x20e28:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x20e3c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x20e50:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x20e64:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x20e78:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x20e8c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x20ea0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x20eb4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x20ec8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x20edc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x20ef0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x20f04:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        Process Memory Space: Aqua.arm5.elf PID: 6250JoeSecurity_Mirai_8Yara detected MiraiJoe Security
          Click to see the 3 entries

          Suricata Signatures

          No Suricata rule has matched

          Joe Sandbox Signatures

          Click to jump to signature section

          Show All Signature Results

          AV Detection

          barindex
          Antivirus / Scanner detection for submitted sample
          Source: Aqua.arm5.elfAvira: detected
          Multi AV Scanner detection for submitted file
          Source: Aqua.arm5.elfReversingLabs: Detection: 39%
          Source: /usr/bin/pkill (PID: 6525)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
          Source: /usr/bin/pulseaudio (PID: 6673)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
          Source: Aqua.arm5.elfString: EOF/proc//proc/%s/cmdlinewgetcurlftpechokillbashrebootshutdownhaltpoweroff[locker] killed process: %s ;; pid: %d

          Networking

          barindex
          Sends malformed DNS queries
          Source: global trafficDNS traffic detected: malformed DNS query: server.eye-network.ru. [malformed]
          Source: global trafficTCP traffic: 192.168.2.23:50016 -> 89.190.156.145:7733
          Source: global trafficHTTP traffic detected: POST /9aadafe2051348cd32033e1cad68f0a5fe46fba3240ac1e6e42158f31b8a1371790c09baf3996b4979fe8e533446c7dedf30f654c68b25357334c66911dc6a9e HTTP/1.1Host: daisy.ubuntu.comAccept: */*Content-Type: application/octet-streamX-Whoopsie-Version: 0.2.69ubuntu0.3Content-Length: 164887Expect: 100-continue
          Source: /usr/sbin/rsyslogd (PID: 6411)Reads hosts file: /etc/hostsJump to behavior
          Source: /usr/sbin/rsyslogd (PID: 6500)Reads hosts file: /etc/hostsJump to behavior
          Source: /usr/sbin/rsyslogd (PID: 6534)Reads hosts file: /etc/hostsJump to behavior
          Source: /usr/sbin/gdm3 (PID: 6605)Socket: unknown address familyJump to behavior
          Source: /usr/bin/dbus-daemon (PID: 6628)Socket: unknown address familyJump to behavior
          Source: unknownTCP traffic detected without corresponding DNS query: 54.171.230.55
          Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.42
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: unknownTCP traffic detected without corresponding DNS query: 89.190.156.145
          Source: global trafficDNS traffic detected: DNS query: server.eye-network.ru
          Source: global trafficDNS traffic detected: DNS query: server.eye-network.ru. [malformed]
          Source: global trafficDNS traffic detected: DNS query: daisy.ubuntu.com
          Source: unknownHTTP traffic detected: POST /9aadafe2051348cd32033e1cad68f0a5fe46fba3240ac1e6e42158f31b8a1371790c09baf3996b4979fe8e533446c7dedf30f654c68b25357334c66911dc6a9e HTTP/1.1Host: daisy.ubuntu.comAccept: */*Content-Type: application/octet-streamX-Whoopsie-Version: 0.2.69ubuntu0.3Content-Length: 164887Expect: 100-continue
          Source: syslog.35.dr, syslog.57.dr, syslog.101.drString found in binary or memory: https://www.rsyslog.com
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 33606
          Source: unknownNetwork traffic detected: HTTP traffic on port 33606 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 43928 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53116
          Source: unknownNetwork traffic detected: HTTP traffic on port 42836 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 53116 -> 443

          System Summary

          barindex
          Malicious sample detected (through community Yara rule)
          Source: Aqua.arm5.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: 6254.1.00007fd614017000.00007fd61403b000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: 6250.1.00007fd614017000.00007fd61403b000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: Process Memory Space: Aqua.arm5.elf PID: 6250, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: Process Memory Space: Aqua.arm5.elf PID: 6254, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Sample tries to kill multiple processes (SIGKILL)
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 1638, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6256, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 658, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 720, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 721, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 772, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 774, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 777, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 785, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 793, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 936, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 1320, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 1344, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 1886, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 2048, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6214, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6215, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6407, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6409, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6410, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6411, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 1335, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 1872, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6494, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6495, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6500, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6513, result: successfulJump to behavior
          Source: ELF static info symbol of initial sample.symtab present: no
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 1638, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6256, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 658, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 720, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 721, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 772, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 774, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 777, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 785, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 793, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 936, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 1320, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 1344, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 1886, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 2048, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6214, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6215, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6407, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6409, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6410, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6411, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 1335, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 1872, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6494, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6495, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6500, result: successfulJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)SIGKILL sent: pid: 6513, result: successfulJump to behavior
          Source: Aqua.arm5.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: 6254.1.00007fd614017000.00007fd61403b000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: 6250.1.00007fd614017000.00007fd61403b000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: Process Memory Space: Aqua.arm5.elf PID: 6250, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: Process Memory Space: Aqua.arm5.elf PID: 6254, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: classification engineClassification label: mal92.spre.troj.evad.linELF@0/29@120/0

          Persistence and Installation Behavior

          barindex
          Sample reads /proc/mounts (often used for finding a writable filesystem)
          Source: /usr/bin/dbus-daemon (PID: 6409)File: /proc/6409/mountsJump to behavior
          Source: /bin/fusermount (PID: 6486)File: /proc/6486/mountsJump to behavior
          Source: /usr/bin/dbus-daemon (PID: 6495)File: /proc/6495/mountsJump to behavior
          Source: /usr/bin/dbus-daemon (PID: 6533)File: /proc/6533/mountsJump to behavior
          Source: /usr/bin/dbus-daemon (PID: 6628)File: /proc/6628/mountsJump to behavior
          Source: /usr/bin/dbus-daemon (PID: 6633)File: /proc/6633/mountsJump to behavior
          Source: /usr/bin/dbus-daemon (PID: 6667)File: /proc/6667/mountsJump to behavior
          Source: /usr/libexec/gsd-rfkill (PID: 6256)Directory: <invalid fd (9)>/..Jump to behavior
          Source: /usr/libexec/gsd-rfkill (PID: 6256)Directory: <invalid fd (8)>/..Jump to behavior
          Source: /lib/systemd/systemd-hostnamed (PID: 6261)Directory: <invalid fd (10)>/..Jump to behavior
          Source: /lib/systemd/systemd-logind (PID: 6423)Directory: <invalid fd (18)>/..Jump to behavior
          Source: /lib/systemd/systemd-logind (PID: 6423)Directory: <invalid fd (17)>/..Jump to behavior
          Source: /lib/systemd/systemd-logind (PID: 6423)File: /run/systemd/seats/.#seat0j6uDiTJump to behavior
          Source: /usr/lib/policykit-1/polkitd (PID: 6485)Directory: /root/.cacheJump to behavior
          Source: /lib/systemd/systemd-logind (PID: 6543)Directory: <invalid fd (18)>/..Jump to behavior
          Source: /lib/systemd/systemd-logind (PID: 6543)Directory: <invalid fd (17)>/..Jump to behavior
          Source: /lib/systemd/systemd-logind (PID: 6543)File: /run/systemd/seats/.#seat05Ai2cYJump to behavior
          Source: /lib/systemd/systemd-logind (PID: 6543)File: /run/systemd/users/.#127rbfDbXJump to behavior
          Source: /lib/systemd/systemd-logind (PID: 6543)File: /run/systemd/users/.#127RoIWiXJump to behavior
          Source: /lib/systemd/systemd-logind (PID: 6543)File: /run/systemd/seats/.#seat0O8VX6VJump to behavior
          Source: /lib/systemd/systemd-logind (PID: 6543)File: /run/systemd/users/.#127puFNyYJump to behavior
          Source: /lib/systemd/systemd-logind (PID: 6543)File: /run/systemd/users/.#127yjOUzYJump to behavior
          Source: /lib/systemd/systemd-logind (PID: 6543)File: /run/systemd/users/.#127Km3Y2UJump to behavior
          Source: /usr/lib/gdm3/gdm-wayland-session (PID: 6626)Directory: /var/lib/gdm3/.cacheJump to behavior
          Source: /usr/lib/accountsservice/accounts-daemon (PID: 6609)Directory: /var/lib/gdm3/.pam_environmentJump to behavior
          Source: /usr/lib/accountsservice/accounts-daemon (PID: 6609)Directory: /root/.cacheJump to behavior
          Source: /usr/lib/policykit-1/polkitd (PID: 6618)Directory: /root/.cacheJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6230/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6230/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6230/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6230/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6232/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6232/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6232/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6232/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6231/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6231/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6231/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6231/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6234/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6234/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6234/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6234/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6233/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6233/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6233/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6233/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6236/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6236/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6236/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6236/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6235/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6235/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6235/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/6235/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/1582/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/3088/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/3088/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/3088/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/3088/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/230/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/230/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/230/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/230/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/110/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/110/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/110/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/110/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/231/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/231/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/231/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/231/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/111/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/111/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/111/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/111/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/232/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/232/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/232/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/232/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/1579/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/112/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/112/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/112/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/112/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/233/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/233/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/233/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/233/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/1699/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/113/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/113/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/113/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/113/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/234/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/234/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/234/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/234/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/1335/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/1335/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/1335/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/1335/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/1698/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/114/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/114/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/114/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/114/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/235/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/235/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/235/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/235/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/1334/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/1334/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/1334/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/1334/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/1576/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/2302/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/2302/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/2302/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/2302/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/115/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/115/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/115/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/115/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/236/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/236/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/236/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/236/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/116/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/116/statJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/116/cmdlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6254)File opened: /proc/116/statJump to behavior
          Source: /usr/bin/gpu-manager (PID: 6496)Shell command executed: sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf"Jump to behavior
          Source: /usr/bin/gpu-manager (PID: 6501)Shell command executed: sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /lib/modprobe.d/*.conf"Jump to behavior
          Source: /usr/bin/gpu-manager (PID: 6507)Shell command executed: sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /etc/modprobe.d/*.conf"Jump to behavior
          Source: /usr/bin/gpu-manager (PID: 6509)Shell command executed: sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /lib/modprobe.d/*.conf"Jump to behavior
          Source: /usr/bin/gpu-manager (PID: 6511)Shell command executed: sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /etc/modprobe.d/*.conf"Jump to behavior
          Source: /usr/bin/gpu-manager (PID: 6515)Shell command executed: sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /lib/modprobe.d/*.conf"Jump to behavior
          Source: /usr/bin/gpu-manager (PID: 6519)Shell command executed: sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /etc/modprobe.d/*.conf"Jump to behavior
          Source: /usr/bin/gpu-manager (PID: 6521)Shell command executed: sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /lib/modprobe.d/*.conf"Jump to behavior
          Source: /usr/share/language-tools/language-options (PID: 6615)Shell command executed: sh -c "locale -a | grep -F .utf8 "Jump to behavior
          Source: /bin/sh (PID: 6499)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.confJump to behavior
          Source: /bin/sh (PID: 6502)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*nvidia[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.confJump to behavior
          Source: /bin/sh (PID: 6508)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*radeon[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.confJump to behavior
          Source: /bin/sh (PID: 6510)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*radeon[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.confJump to behavior
          Source: /bin/sh (PID: 6512)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*amdgpu[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.confJump to behavior
          Source: /bin/sh (PID: 6517)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*amdgpu[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.confJump to behavior
          Source: /bin/sh (PID: 6520)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*nouveau[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.confJump to behavior
          Source: /bin/sh (PID: 6522)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*nouveau[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.confJump to behavior
          Source: /bin/sh (PID: 6617)Grep executable: /usr/bin/grep -> grep -F .utf8Jump to behavior
          Source: /usr/share/gdm/generate-config (PID: 6525)Pkill executable: /usr/bin/pkill -> pkill --signal HUP --uid gdm dconf-serviceJump to behavior
          Source: /usr/bin/dash (PID: 6224)Rm executable: /usr/bin/rm -> rm -f /tmp/tmp.f8NtUib4dg /tmp/tmp.QwVtZeApeT /tmp/tmp.ExO63KUjCmJump to behavior
          Source: /usr/bin/dash (PID: 6225)Rm executable: /usr/bin/rm -> rm -f /tmp/tmp.f8NtUib4dg /tmp/tmp.QwVtZeApeT /tmp/tmp.ExO63KUjCmJump to behavior
          Source: /sbin/agetty (PID: 6513)Reads version info: /etc/issueJump to behavior
          Source: /sbin/agetty (PID: 6535)Reads version info: /etc/issueJump to behavior
          Source: /usr/sbin/gdm3 (PID: 6605)File: /var/run/gdm3 (bits: - usr: -x grp: x all: rwx)Jump to behavior
          Source: /usr/sbin/gdm3 (PID: 6605)File: /var/log/gdm3 (bits: - usr: -x grp: x all: rwx)Jump to behavior
          Source: /usr/lib/accountsservice/accounts-daemon (PID: 6609)File: /var/lib/AccountsService/icons (bits: - usr: rx grp: rwx all: rwx)Jump to behavior
          Source: /usr/lib/accountsservice/accounts-daemon (PID: 6609)File: /var/lib/AccountsService/users (bits: - usr: - grp: - all: rwx)Jump to behavior
          Source: /usr/sbin/rsyslogd (PID: 6411)Log file created: /var/log/kern.log
          Source: /usr/bin/gpu-manager (PID: 6493)Log file created: /var/log/gpu-manager.logJump to dropped file
          Source: /usr/sbin/rsyslogd (PID: 6500)Log file created: /var/log/kern.log
          Source: /usr/sbin/rsyslogd (PID: 6500)Log file created: /var/log/auth.log
          Source: /usr/sbin/rsyslogd (PID: 6534)Log file created: /var/log/kern.logJump to dropped file
          Source: /usr/sbin/rsyslogd (PID: 6534)Log file created: /var/log/auth.logJump to dropped file

          Hooking and other Techniques for Hiding and Protection

          barindex
          Sample deletes itself
          Source: /tmp/Aqua.arm5.elf (PID: 6252)File: /tmp/Aqua.arm5.elfJump to behavior
          Source: /usr/bin/gpu-manager (PID: 6493)Truncated file: /var/log/gpu-manager.logJump to behavior
          Source: /usr/bin/pkill (PID: 6525)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
          Source: /usr/bin/pulseaudio (PID: 6673)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
          Source: /tmp/Aqua.arm5.elf (PID: 6250)Queries kernel information via 'uname': Jump to behavior
          Source: /lib/systemd/systemd-hostnamed (PID: 6261)Queries kernel information via 'uname': Jump to behavior
          Source: /usr/sbin/rsyslogd (PID: 6411)Queries kernel information via 'uname': Jump to behavior
          Source: /usr/bin/gpu-manager (PID: 6493)Queries kernel information via 'uname': Jump to behavior
          Source: /usr/sbin/rsyslogd (PID: 6500)Queries kernel information via 'uname': Jump to behavior
          Source: /sbin/agetty (PID: 6513)Queries kernel information via 'uname': Jump to behavior
          Source: /usr/sbin/rsyslogd (PID: 6534)Queries kernel information via 'uname': Jump to behavior
          Source: /sbin/agetty (PID: 6535)Queries kernel information via 'uname': Jump to behavior
          Source: /usr/lib/gdm3/gdm-session-worker (PID: 6622)Queries kernel information via 'uname': Jump to behavior
          Source: /usr/bin/pulseaudio (PID: 6673)Queries kernel information via 'uname': Jump to behavior
          Source: Aqua.arm5.elf, 6250.1.00007ffcc5db7000.00007ffcc5dd8000.rw-.sdmpBinary or memory string: /tmp/qemu-open.x2zjOM
          Source: Aqua.arm5.elf, 6250.1.00007ffcc5db7000.00007ffcc5dd8000.rw-.sdmp, Aqua.arm5.elf, 6254.1.00007ffcc5db7000.00007ffcc5dd8000.rw-.sdmpBinary or memory string: 4x86_64/usr/bin/qemu-arm/tmp/Aqua.arm5.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/Aqua.arm5.elf
          Source: Aqua.arm5.elf, 6250.1.000055b06a22b000.000055b06a359000.rw-.sdmp, Aqua.arm5.elf, 6254.1.000055b06a22b000.000055b06a359000.rw-.sdmpBinary or memory string: U!/etc/qemu-binfmt/arm
          Source: Aqua.arm5.elf, 6250.1.000055b06a22b000.000055b06a359000.rw-.sdmp, Aqua.arm5.elf, 6254.1.000055b06a22b000.000055b06a359000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/arm
          Source: Aqua.arm5.elf, 6250.1.00007ffcc5db7000.00007ffcc5dd8000.rw-.sdmpBinary or memory string: U/tmp/qemu-open.x2zjOM:
          Source: Aqua.arm5.elf, 6250.1.00007ffcc5db7000.00007ffcc5dd8000.rw-.sdmp, Aqua.arm5.elf, 6254.1.00007ffcc5db7000.00007ffcc5dd8000.rw-.sdmpBinary or memory string: /usr/bin/qemu-arm
          Source: syslog.35.drBinary or memory string: Dec 6 04:42:06 galassia kernel: [ 418.737116] Modules linked in: monitor(OE) md4 cmac cifs libarc4 fscache libdes vmw_vsock_vmci_transport vsock binfmt_misc dm_multipath scsi_dh_rdac scsi_dh_emc scsi_dh_alua vmw_balloon joydev input_leds serio_raw vmw_vmci sch_fq_codel drm parport_pc ppdev lp parport ip_tables x_tables autofs4 btrfs zstd_compress raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel crypto_simd cryptd glue_helper psmouse ahci mptspi vmxnet3 scsi_transport_spi mptscsih libahci mptbase
          Source: syslog.35.drBinary or memory string: Dec 6 04:42:06 galassia kernel: [ 418.737151] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 12/12/2018
          Source: Aqua.arm5.elf, 6254.1.00007ffcc5db7000.00007ffcc5dd8000.rw-.sdmpBinary or memory string: qemu: uncaught target signal 11 (Segmentation fault) - core dumped

          Language, Device and Operating System Detection

          barindex
          Reads system files that contain records of logged in users
          Source: /usr/lib/accountsservice/accounts-daemon (PID: 6609)Logged in records file read: /var/log/wtmpJump to behavior

          Stealing of Sensitive Information

          barindex
          Yara detected Mirai
          Source: Yara matchFile source: Aqua.arm5.elf, type: SAMPLE
          Source: Yara matchFile source: 6254.1.00007fd614017000.00007fd61403b000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: 6250.1.00007fd614017000.00007fd61403b000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: Process Memory Space: Aqua.arm5.elf PID: 6250, type: MEMORYSTR
          Source: Yara matchFile source: Process Memory Space: Aqua.arm5.elf PID: 6254, type: MEMORYSTR

          Remote Access Functionality

          barindex
          Yara detected Mirai
          Source: Yara matchFile source: Aqua.arm5.elf, type: SAMPLE
          Source: Yara matchFile source: 6254.1.00007fd614017000.00007fd61403b000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: 6250.1.00007fd614017000.00007fd61403b000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: Process Memory Space: Aqua.arm5.elf PID: 6250, type: MEMORYSTR
          Source: Yara matchFile source: Process Memory Space: Aqua.arm5.elf PID: 6254, type: MEMORYSTR

          Mitre Att&ck Matrix

          ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
          Gather Victim Identity Information2
          Scripting          		Valid AccountsWindows Management Instrumentation2
          Scripting          		Path Interception1
          File and Directory Permissions Modification          		1
          OS Credential Dumping          		11
          Security Software Discovery          		Remote ServicesData from Local System1
          Encrypted Channel          		Exfiltration Over Other Network Medium1
          Service Stop
          CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
          Disable or Modify Tools          		LSASS Memory1
          System Owner/User Discovery          		Remote Desktop ProtocolData from Removable Media1
          Non-Standard Port          		Exfiltration Over BluetoothNetwork Denial of Service
          Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
          Hidden Files and Directories          		Security Account Manager11
          File and Directory Discovery          		SMB/Windows Admin SharesData from Network Shared Drive2
          Non-Application Layer Protocol          		Automated ExfiltrationData Encrypted for Impact
          Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
          Indicator Removal          		NTDS2
          System Information Discovery          		Distributed Component Object ModelInput Capture3
          Application Layer Protocol          		Traffic DuplicationData Destruction
          Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script11
          File Deletion          		LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact

          Malware Configuration

          No configs have been found

          Behavior Graph

          Hide Legend

          Legend:

          • Process
          • Signature
          • Created File
          • DNS/IP Info
          • Is Dropped
          • Number of created Files
          • Is malicious
          • Internet
          behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1569921 Sample: Aqua.arm5.elf Startdate: 06/12/2024 Architecture: LINUX Score: 92 79 server.eye-network.ru. [malformed] 2->79 81 server.eye-network.ru 2->81 83 7 other IPs or domains 2->83 93 Malicious sample detected (through community Yara rule) 2->93 95 Antivirus / Scanner detection for submitted sample 2->95 97 Multi AV Scanner detection for submitted file 2->97 99 Yara detected Mirai 2->99 11 systemd gdm3 2->11         started        13 systemd gpu-manager 2->13         started        15 dash rm Aqua.arm5.elf 2->15         started        17 27 other processes 2->17 signatures3 101 Sends malformed DNS queries 79->101 process4 file5 21 gdm3 gdm-session-worker 11->21         started        36 3 other processes 11->36 23 gpu-manager sh 13->23         started        25 gpu-manager sh 13->25         started        27 gpu-manager sh 13->27         started        38 5 other processes 13->38 29 Aqua.arm5.elf 15->29         started        77 /var/log/wtmp, data 17->77 dropped 87 Sample reads /proc/mounts (often used for finding a writable filesystem) 17->87 89 Reads system files that contain records of logged in users 17->89 32 accounts-daemon language-validate 17->32         started        34 generate-config pkill 17->34         started        signatures6 process7 signatures8 40 gdm-session-worker gdm-wayland-session 21->40         started        42 sh grep 23->42         started        44 sh grep 25->44         started        46 sh grep 27->46         started        103 Sample deletes itself 29->103 48 Aqua.arm5.elf 29->48         started        51 language-validate language-options 32->51         started        53 sh grep 38->53         started        55 sh grep 38->55         started        57 3 other processes 38->57 process9 signatures10 59 gdm-wayland-session dbus-run-session 40->59         started        61 gdm-wayland-session dbus-daemon 40->61         started        85 Sample tries to kill multiple processes (SIGKILL) 48->85 64 language-options sh 51->64         started        process11 signatures12 66 dbus-run-session dbus-daemon 59->66         started        105 Sample reads /proc/mounts (often used for finding a writable filesystem) 61->105 69 dbus-daemon 61->69         started        71 sh locale 64->71         started        73 sh grep 64->73         started        process13 signatures14 91 Sample reads /proc/mounts (often used for finding a writable filesystem) 66->91 75 dbus-daemon false 69->75         started        process15

          Antivirus, Machine Learning and Genetic Malware Detection

          Initial Sample

          SourceDetectionScannerLabelLink
          Aqua.arm5.elf39%ReversingLabsLinux.Backdoor.Mirai
          Aqua.arm5.elf100%AviraEXP/ELF.Mirai.Z.A

          Dropped Files

          No Antivirus matches

          Domains

          No Antivirus matches

          URLs

          No Antivirus matches

          Domains and IPs

          Contacted Domains

          NameIPActiveMaliciousAntivirus DetectionReputation
          daisy.ubuntu.com
          		162.213.35.24
          		truefalse
            		high
            server.eye-network.ru
            		unknown
            		unknowntrue
              		unknown
              server.eye-network.ru. [malformed]
              		unknown
              		unknowntrue
                		unknown

                Contacted URLs

                NameMaliciousAntivirus DetectionReputation
                https://daisy.ubuntu.com/9aadafe2051348cd32033e1cad68f0a5fe46fba3240ac1e6e42158f31b8a1371790c09baf3996b4979fe8e533446c7dedf30f654c68b25357334c66911dc6a9efalse
                  		high

                  URLs from Memory and Binaries

                  NameSourceMaliciousAntivirus DetectionReputation
                  https://www.rsyslog.comsyslog.35.dr, syslog.57.dr, syslog.101.drfalse
                    		high

                    World Map of Contacted IPs

                    • No. of IPs < 25%
                    • 25% < No. of IPs < 50%
                    • 50% < No. of IPs < 75%
                    • 75% < No. of IPs

                    Public IPs

                    IPDomainCountryFlagASNASN NameMalicious
                    54.171.230.55
                    		unknownUnited States
                    		16509AMAZON-02USfalse
                    162.213.35.25
                    		unknownUnited States
                    		41231CANONICAL-ASGBfalse
                    89.190.156.145
                    		unknownUnited Kingdom
                    		7489HOSTUS-GLOBAL-ASHostUSHKfalse
                    109.202.202.202
                    		unknownSwitzerland
                    		13030INIT7CHfalse
                    91.189.91.43
                    		unknownUnited Kingdom
                    		41231CANONICAL-ASGBfalse
                    91.189.91.42
                    		unknownUnited Kingdom
                    		41231CANONICAL-ASGBfalse

                    Joe Sandbox View / Context

                    IPs

                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                    54.171.230.55x86.elfGet hashmaliciousUnknownBrowse
                      arm6.elfGet hashmaliciousUnknownBrowse
                        spc.elfGet hashmaliciousUnknownBrowse
                          mpsl.elfGet hashmaliciousUnknownBrowse
                            mips.elfGet hashmaliciousUnknownBrowse
                              sshd.elfGet hashmaliciousUnknownBrowse
                                sshd.elfGet hashmaliciousUnknownBrowse
                                  x86_32.nn.elfGet hashmaliciousMirai, OkiruBrowse
                                    x86_64.nn.elfGet hashmaliciousMirai, OkiruBrowse
                                      co.elfGet hashmaliciousGafgyt, MiraiBrowse
                                        162.213.35.25Aqua.m68k.elfGet hashmaliciousMiraiBrowse
                                          dwhdbg.elfGet hashmaliciousMiraiBrowse
                                            iwir64.elfGet hashmaliciousMiraiBrowse
                                              vsbeps.elfGet hashmaliciousMiraiBrowse
                                                qkehusl.elfGet hashmaliciousMiraiBrowse
                                                  dwhdbg.elfGet hashmaliciousMiraiBrowse
                                                    vwkjebwi686.elfGet hashmaliciousMiraiBrowse
                                                      jwwofba5.elfGet hashmaliciousMiraiBrowse
                                                        dvwkja7.elfGet hashmaliciousMiraiBrowse
                                                          dvwkja7.elfGet hashmaliciousMiraiBrowse
                                                            89.190.156.145Aqua.mips.elfGet hashmaliciousMiraiBrowse
                                                              Aqua.i686.elfGet hashmaliciousMiraiBrowse
                                                                Aqua.x86.elfGet hashmaliciousMiraiBrowse
                                                                  Aqua.arm7.elfGet hashmaliciousMiraiBrowse
                                                                    Aqua.ppc.elfGet hashmaliciousMiraiBrowse
                                                                      Aqua.mpsl.elfGet hashmaliciousMiraiBrowse
                                                                        Aqua.arm4.elfGet hashmaliciousMiraiBrowse
                                                                          Aqua.m68k.elfGet hashmaliciousMiraiBrowse
                                                                            dwhdbg.elfGet hashmaliciousMiraiBrowse
                                                                              vwkjebwi686.elfGet hashmaliciousMiraiBrowse
                                                                                109.202.202.202kpLwzBouH4.elfGet hashmaliciousUnknownBrowse
                                                                                • ch.archive.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_92.0%2bbuild3-0ubuntu0.20.04.1_amd64.deb

                                                                                Domains

                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                daisy.ubuntu.comAqua.arm7.elfGet hashmaliciousMiraiBrowse
                                                                                • 162.213.35.25
                                                                                Aqua.ppc.elfGet hashmaliciousMiraiBrowse
                                                                                • 162.213.35.25
                                                                                Aqua.arm6.elfGet hashmaliciousMiraiBrowse
                                                                                • 162.213.35.25
                                                                                Aqua.m68k.elfGet hashmaliciousMiraiBrowse
                                                                                • 162.213.35.24
                                                                                main_x86.elfGet hashmaliciousMiraiBrowse
                                                                                • 162.213.35.25
                                                                                debug.dbg.elfGet hashmaliciousMirai, OkiruBrowse
                                                                                • 162.213.35.24
                                                                                arm6.nn-20241205-0609.elfGet hashmaliciousMirai, OkiruBrowse
                                                                                • 162.213.35.25
                                                                                sh4.nn.elfGet hashmaliciousMirai, OkiruBrowse
                                                                                • 162.213.35.25
                                                                                boatnet.arm.elfGet hashmaliciousMiraiBrowse
                                                                                • 162.213.35.25
                                                                                bin.sh.elfGet hashmaliciousMiraiBrowse
                                                                                • 162.213.35.24

                                                                                ASNs

                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                HOSTUS-GLOBAL-ASHostUSHKAqua.mips.elfGet hashmaliciousMiraiBrowse
                                                                                • 89.190.156.145
                                                                                Aqua.i686.elfGet hashmaliciousMiraiBrowse
                                                                                • 89.190.156.145
                                                                                Aqua.x86.elfGet hashmaliciousMiraiBrowse
                                                                                • 89.190.156.145
                                                                                Aqua.arm7.elfGet hashmaliciousMiraiBrowse
                                                                                • 89.190.156.145
                                                                                Aqua.ppc.elfGet hashmaliciousMiraiBrowse
                                                                                • 89.190.156.145
                                                                                Aqua.mpsl.elfGet hashmaliciousMiraiBrowse
                                                                                • 89.190.156.145
                                                                                Aqua.arm4.elfGet hashmaliciousMiraiBrowse
                                                                                • 89.190.156.145
                                                                                Aqua.m68k.elfGet hashmaliciousMiraiBrowse
                                                                                • 89.190.156.145
                                                                                dwhdbg.elfGet hashmaliciousMiraiBrowse
                                                                                • 89.190.156.145
                                                                                vwkjebwi686.elfGet hashmaliciousMiraiBrowse
                                                                                • 89.190.156.145
                                                                                AMAZON-02USmain_spc.elfGet hashmaliciousMiraiBrowse
                                                                                • 54.104.48.220
                                                                                na.elfGet hashmaliciousUnknownBrowse
                                                                                • 52.216.45.205
                                                                                https://hr-recruitment-application.com/red-bull/id-00981Get hashmaliciousUnknownBrowse
                                                                                • 52.38.173.188
                                                                                jW3NEKvxH1.exeGet hashmaliciousRemcos, DBatLoaderBrowse
                                                                                • 185.166.143.50
                                                                                yG53aU3gGm.exeGet hashmaliciousUnknownBrowse
                                                                                • 185.166.143.50
                                                                                yG53aU3gGm.exeGet hashmaliciousUnknownBrowse
                                                                                • 185.166.143.50
                                                                                QUOTATON-37839993.exeGet hashmaliciousFormBookBrowse
                                                                                • 13.228.81.39
                                                                                http://www.javatpoint.com.cach3.com/Get hashmaliciousUnknownBrowse
                                                                                • 52.76.92.93
                                                                                f3aef511705f37f9792c6032b936ca61.exeGet hashmaliciousNjratBrowse
                                                                                • 18.157.68.73
                                                                                https://skillbridge.ca/onlinePaymentverify.htmlGet hashmaliciousUnknownBrowse
                                                                                • 108.158.75.100
                                                                                CANONICAL-ASGBAqua.arm7.elfGet hashmaliciousMiraiBrowse
                                                                                • 91.189.91.42
                                                                                Aqua.ppc.elfGet hashmaliciousMiraiBrowse
                                                                                • 91.189.91.42
                                                                                Aqua.m68k.elfGet hashmaliciousMiraiBrowse
                                                                                • 91.189.91.42
                                                                                i.elfGet hashmaliciousMiraiBrowse
                                                                                • 91.189.91.42
                                                                                main_arm6.elfGet hashmaliciousMiraiBrowse
                                                                                • 91.189.91.42
                                                                                tftp.elfGet hashmaliciousUnknownBrowse
                                                                                • 91.189.91.42
                                                                                memfd.elfGet hashmaliciousUnknownBrowse
                                                                                • 91.189.91.42
                                                                                tftp.elfGet hashmaliciousUnknownBrowse
                                                                                • 91.189.91.42
                                                                                x86.elfGet hashmaliciousMirai, OkiruBrowse
                                                                                • 91.189.91.42
                                                                                arm5.elfGet hashmaliciousMirai, Gafgyt, OkiruBrowse
                                                                                • 91.189.91.42

                                                                                JA3 Fingerprints

                                                                                No context

                                                                                Dropped Files

                                                                                No context

                                                                                Created / dropped Files

                                                                                /home/saturnino/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-sink

                                                                                Download File
                                                                                Process:/usr/bin/pulseaudio
                                                                                File Type:ASCII text
                                                                                Category:dropped
                                                                                Size (bytes):10
                                                                                Entropy (8bit):2.9219280948873623
                                                                                Encrypted:false
                                                                                SSDEEP:3:5bkPn:pkP
                                                                                MD5:FF001A15CE15CF062A3704CEA2991B5F
                                                                                SHA1:B06F6855F376C3245B82212AC73ADED55DFE5DEF
                                                                                SHA-256:C54830B41ECFA1B6FBDC30397188DDA86B7B200E62AEAC21AE694A6192DCC38A
                                                                                SHA-512:65EBF7C31F6F65713CE01B38A112E97D0AE64A6BD1DA40CE4C1B998F10CD3912EE1A48BB2B279B24493062118AAB3B8753742E2AF28E56A31A7AAB27DE80E7BF
                                                                                Malicious:false
                                                                                Reputation:moderate, very likely benign file
                                                                                Preview:auto_null.

                                                                                /home/saturnino/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-source

                                                                                Download File
                                                                                Process:/usr/bin/pulseaudio
                                                                                File Type:ASCII text
                                                                                Category:dropped
                                                                                Size (bytes):18
                                                                                Entropy (8bit):3.4613201402110088
                                                                                Encrypted:false
                                                                                SSDEEP:3:5bkrIZsXvn:pkckv
                                                                                MD5:28FE6435F34B3367707BB1C5D5F6B430
                                                                                SHA1:EB8FE2D16BD6BBCCE106C94E4D284543B2573CF6
                                                                                SHA-256:721A37C69E555799B41D308849E8F8125441883AB021B723FED90A9B744F36C0
                                                                                SHA-512:6B6AB7C0979629D0FEF6BE47C5C6BCC367EDD0AAE3FC973F4DE2FD5F0A819C89E7656DB65D453B1B5398E54012B27EDFE02894AD87A7E0AF3A9C5F2EB24A9919
                                                                                Malicious:false
                                                                                Reputation:moderate, very likely benign file
                                                                                Preview:auto_null.monitor.

                                                                                /proc/6631/oom_score_adj

                                                                                Download File
                                                                                Process:/usr/bin/dbus-daemon
                                                                                File Type:very short file (no magic)
                                                                                Category:dropped
                                                                                Size (bytes):1
                                                                                Entropy (8bit):0.0
                                                                                Encrypted:false
                                                                                SSDEEP:3:V:V
                                                                                MD5:CFCD208495D565EF66E7DFF9F98764DA
                                                                                SHA1:B6589FC6AB0DC82CF12099D1C2D40AB994E8410C
                                                                                SHA-256:5FECEB66FFC86F38D952786C6D696C79C2DBC239DD4E91B46729D73A27FB57E9
                                                                                SHA-512:31BCA02094EB78126A517B206A88C73CFA9EC6F704C7030D18212CACE820F025F00BF0EA68DBF3F3A5436CA63B53BF7BF80AD8D5DE7D8359D0B7FED9DBC3AB99
                                                                                Malicious:false
                                                                                Reputation:high, very likely benign file
                                                                                Preview:0

                                                                                /run/gdm3.pid

                                                                                Download File
                                                                                Process:/usr/sbin/gdm3
                                                                                File Type:ASCII text
                                                                                Category:dropped
                                                                                Size (bytes):5
                                                                                Entropy (8bit):1.9219280948873623
                                                                                Encrypted:false
                                                                                SSDEEP:3:8:8
                                                                                MD5:45256D5CBEBF40978D314F5A58A6693D
                                                                                SHA1:4C0E12A6041195301883BBB22556E9B6D399FE25
                                                                                SHA-256:515F8717F7A3C0EAA7066C2A989325B90FA8489422EC2FA2E2944330CD7BEED0
                                                                                SHA-512:A7018B1003A6E8C23D32F0BAD2028E9163A6CA60821C9D037D2BA7856D3803BE257215EBA98F1241112437B6A0785182FFFA3C4DA04BA6EDF295646E6D9D21E8
                                                                                Malicious:false
                                                                                Reputation:low
                                                                                Preview:6605.

                                                                                /run/systemd/seats/.#seat05Ai2cY

                                                                                Download File
                                                                                Process:/lib/systemd/systemd-logind
                                                                                File Type:ASCII text
                                                                                Category:dropped
                                                                                Size (bytes):95
                                                                                Entropy (8bit):4.921230646592726
                                                                                Encrypted:false
                                                                                SSDEEP:3:SbFVVmFyinKMsuH47rLg205vmLUbr+v:SbFuFyLwH47Pg20ggWv
                                                                                MD5:BE58CCABC942125F5E27AF6EB1BA2F88
                                                                                SHA1:07C20F55E36EE48869B223B8FC4DBC227C7353AC
                                                                                SHA-256:551B1D1C8E5953D5D0CF49C83C1568E2FBEF8BDDB69903B3DA82240B777B4629
                                                                                SHA-512:E5A270995FDE80530927E0BACD3BF76EE820C968AABD55D2E34579326F388AFD6DE7FB8C5D54F69D3F6AC30A5B587FD3B0456FC60326E7DF4F45789A900D046C
                                                                                Malicious:false
                                                                                Preview:# This is private data. Do not parse..IS_SEAT0=1.CAN_MULTI_SESSION=1.CAN_TTY=1.CAN_GRAPHICAL=0.

                                                                                /run/systemd/seats/.#seat0O8VX6V

                                                                                Download File
                                                                                Process:/lib/systemd/systemd-logind
                                                                                File Type:ASCII text
                                                                                Category:dropped
                                                                                Size (bytes):116
                                                                                Entropy (8bit):4.957035419463244
                                                                                Encrypted:false
                                                                                SSDEEP:3:SbFVVmFyinKMsuH47rLg205vmLUbr+ugKQ2KwshcXSv:SbFuFyLwH47Pg20ggWunQ2rNXc
                                                                                MD5:66D114877B3B4DB3BDD8A3AD4F5E7421
                                                                                SHA1:62E0CB0F51E0E3F97BE251CB917968DFF69ED344
                                                                                SHA-256:A922628916A7DDBE2BAA33F421C82250527EA3C28E429749353A1C75C0C18860
                                                                                SHA-512:5651247FA236DCF020A3C8456E4A9A74A85C5B9B3CCE94A3CF8F85FD4D66465C9F97DF7A1822E6CA4553C02BE149F3021D58DCC0C8CB6DCF37F915BD0A158187
                                                                                Malicious:false
                                                                                Preview:# This is private data. Do not parse..IS_SEAT0=1.CAN_MULTI_SESSION=1.CAN_TTY=1.CAN_GRAPHICAL=0.SESSIONS=c1.UIDS=127.

                                                                                /run/systemd/seats/.#seat0j6uDiT

                                                                                Download File
                                                                                Process:/lib/systemd/systemd-logind
                                                                                File Type:ASCII text
                                                                                Category:dropped
                                                                                Size (bytes):95
                                                                                Entropy (8bit):4.921230646592726
                                                                                Encrypted:false
                                                                                SSDEEP:3:SbFVVmFyinKMsuH47rLg205vmLUbr+v:SbFuFyLwH47Pg20ggWv
                                                                                MD5:BE58CCABC942125F5E27AF6EB1BA2F88
                                                                                SHA1:07C20F55E36EE48869B223B8FC4DBC227C7353AC
                                                                                SHA-256:551B1D1C8E5953D5D0CF49C83C1568E2FBEF8BDDB69903B3DA82240B777B4629
                                                                                SHA-512:E5A270995FDE80530927E0BACD3BF76EE820C968AABD55D2E34579326F388AFD6DE7FB8C5D54F69D3F6AC30A5B587FD3B0456FC60326E7DF4F45789A900D046C
                                                                                Malicious:false
                                                                                Preview:# This is private data. Do not parse..IS_SEAT0=1.CAN_MULTI_SESSION=1.CAN_TTY=1.CAN_GRAPHICAL=0.

                                                                                /run/systemd/users/.#127Km3Y2U

                                                                                Download File
                                                                                Process:/lib/systemd/systemd-logind
                                                                                File Type:ASCII text
                                                                                Category:dropped
                                                                                Size (bytes):223
                                                                                Entropy (8bit):5.456730506170413
                                                                                Encrypted:false
                                                                                SSDEEP:6:SbFuFyL3BVgdL87ynAir/0IxffQ0JgqNu5t6EB6:qgFq30dABibBICgGKIw6
                                                                                MD5:03311A130F0022A8DA9DB354212862BD
                                                                                SHA1:41AD013EBE0131E909872CFA9B922911C4A67438
                                                                                SHA-256:80B280DBF2BB444B8DAAB784990B56FBF698218CDA7090067D4E8E74D6E90D5D
                                                                                SHA-512:DB1705623A436B25A24E78DA973AA07130611B71E08E66D760C637C3B157FEB196DBB4D87E22AEC1BF925DC2FE92D94496E021FF00E99C84007F63F783599CF6
                                                                                Malicious:false
                                                                                Preview:# This is private data. Do not parse..NAME=gdm.STATE=closing.STOPPING=yes.RUNTIME=/run/user/127.SERVICE_JOB=/org/freedesktop/systemd1/job/13006.REALTIME=1733481746231544.MONOTONIC=438351866.LAST_SESSION_TIMESTAMP=438430355.

                                                                                /run/systemd/users/.#127RoIWiX

                                                                                Download File
                                                                                Process:/lib/systemd/systemd-logind
                                                                                File Type:ASCII text
                                                                                Category:dropped
                                                                                Size (bytes):282
                                                                                Entropy (8bit):5.3020208891335265
                                                                                Encrypted:false
                                                                                SSDEEP:6:SbFuFyL3BVgVuR257iesnAir/0Ixff6GJgqNZ2thQc2pb02/g2p9rwB:qgFq30VuR8L/ibB7gGIthQHtPYq9M
                                                                                MD5:90F5B13CC5C69DF98CB22FD43ECDC627
                                                                                SHA1:5F7D021B4845041061BC54EDA4E3DCBD8A64FFA7
                                                                                SHA-256:8346F796E6E51517B4BE640148420CB394DCE208C0C81526D7E9AC2C4058CFF0
                                                                                SHA-512:9365919DAA0AB2796D026B65D3E83D8886AB01891D509B8C21E288474431636F38D1BCC0DAEEE5BEC14220CDEF275A6DE7ED69D9354C6D99BA7A010CFF8A1399
                                                                                Malicious:false
                                                                                Preview:# This is private data. Do not parse..NAME=gdm.STATE=opening.STOPPING=no.RUNTIME=/run/user/127.SERVICE_JOB=/org/freedesktop/systemd1/job/12944.REALTIME=1733481746231544.MONOTONIC=438351866.SESSIONS=c1.SEATS=seat0.ACTIVE_SESSIONS=.ONLINE_SESSIONS=c1.ACTIVE_SEATS=.ONLINE_SEATS=seat0.

                                                                                /run/systemd/users/.#127puFNyY

                                                                                Download File
                                                                                Process:/lib/systemd/systemd-logind
                                                                                File Type:ASCII text
                                                                                Category:dropped
                                                                                Size (bytes):282
                                                                                Entropy (8bit):5.3020208891335265
                                                                                Encrypted:false
                                                                                SSDEEP:6:SbFuFyL3BVgVuR257iesnAir/0Ixff6GJgqNZ2thQc2pb02/g2p9rwB:qgFq30VuR8L/ibB7gGIthQHtPYq9M
                                                                                MD5:90F5B13CC5C69DF98CB22FD43ECDC627
                                                                                SHA1:5F7D021B4845041061BC54EDA4E3DCBD8A64FFA7
                                                                                SHA-256:8346F796E6E51517B4BE640148420CB394DCE208C0C81526D7E9AC2C4058CFF0
                                                                                SHA-512:9365919DAA0AB2796D026B65D3E83D8886AB01891D509B8C21E288474431636F38D1BCC0DAEEE5BEC14220CDEF275A6DE7ED69D9354C6D99BA7A010CFF8A1399
                                                                                Malicious:false
                                                                                Preview:# This is private data. Do not parse..NAME=gdm.STATE=opening.STOPPING=no.RUNTIME=/run/user/127.SERVICE_JOB=/org/freedesktop/systemd1/job/12944.REALTIME=1733481746231544.MONOTONIC=438351866.SESSIONS=c1.SEATS=seat0.ACTIVE_SESSIONS=.ONLINE_SESSIONS=c1.ACTIVE_SEATS=.ONLINE_SEATS=seat0.

                                                                                /run/systemd/users/.#127rbfDbX

                                                                                Download File
                                                                                Process:/lib/systemd/systemd-logind
                                                                                File Type:ASCII text
                                                                                Category:dropped
                                                                                Size (bytes):188
                                                                                Entropy (8bit):4.928997328913428
                                                                                Encrypted:false
                                                                                SSDEEP:3:SbFVVmFyinKMs5BuSgVuMI2sKiYiesnAv/XS12K2hwEY8mTQ2pJi22sQ2KkmD2pi:SbFuFyL3BVgVuR257iesnAi12thQc2p4
                                                                                MD5:065A3AD1A34A9903F536410ECA748105
                                                                                SHA1:21CD684DF60D569FA96EEEB66A0819EAC1B2B1A4
                                                                                SHA-256:E80554BF0FF4E32C61D4FA3054F8EFB27A26F1C37C91AE4EA94445C400693941
                                                                                SHA-512:DB3C42E893640BAEE9F0001BDE6E93ED40CC33198AC2B47328F577D3C71E2C2E986AAAFEF5BD8ADBC639B5C24ADF715D87034AE24B697331FF6FEC5962630064
                                                                                Malicious:false
                                                                                Preview:# This is private data. Do not parse..NAME=gdm.STATE=opening.STOPPING=no.RUNTIME=/run/user/127.SESSIONS=c1.SEATS=seat0.ACTIVE_SESSIONS=.ONLINE_SESSIONS=c1.ACTIVE_SEATS=.ONLINE_SEATS=seat0.

                                                                                /run/systemd/users/.#127yjOUzY

                                                                                Download File
                                                                                Process:/lib/systemd/systemd-logind
                                                                                File Type:ASCII text
                                                                                Category:dropped
                                                                                Size (bytes):174
                                                                                Entropy (8bit):5.287920995017701
                                                                                Encrypted:false
                                                                                SSDEEP:3:SbFVVmFyinKMs5BuSgdNR2sKiYiesnAv/XSHxJgG7LRHTx4R5206qodvWB6:SbFuFyL3BVgdL87iesnAiRJgqNu5t6EY
                                                                                MD5:50CE9959B2A33E17BAF83BCA2267708D
                                                                                SHA1:3658727C884078D834102F3C3BC40BFB4AC2EA1F
                                                                                SHA-256:D72D063DCA0CB70A6E63F54A01D72B497672E57B36A55B8C2451C9FE52075B06
                                                                                SHA-512:7DB9295C1A79D01C704919B60EE6DA70C444648494241B225ED60AB41D47EB62E32D19C2F825DCC857E1F9DF9EA897E378B8D0C416985A025CD3F9471EF61DAC
                                                                                Malicious:false
                                                                                Preview:# This is private data. Do not parse..NAME=gdm.STATE=closing.STOPPING=no.RUNTIME=/run/user/127.REALTIME=1733481746231544.MONOTONIC=438351866.LAST_SESSION_TIMESTAMP=438430355.

                                                                                /run/user/1000/pulse/pid

                                                                                Download File
                                                                                Process:/usr/bin/pulseaudio
                                                                                File Type:ASCII text
                                                                                Category:dropped
                                                                                Size (bytes):5
                                                                                Entropy (8bit):1.9219280948873623
                                                                                Encrypted:false
                                                                                SSDEEP:3:9vn:Nn
                                                                                MD5:289B54A4D30E2078EB146569B16A47E6
                                                                                SHA1:37682CAFF1B08FC2CC12AC1C2BB846E9CFE49D37
                                                                                SHA-256:EDCA54B01E931195FD893E0716AE8D7EF548DEB8193BD1079C6C692B0EDE5EC2
                                                                                SHA-512:B607685FF96C00E6F8259A4100B3F0A6F724A7A24BB6BA72BF0D1463C87C0C4A61BD681437DE27BDD9D8547C23C3F03752735412E6E65538E9947866C34F943D
                                                                                Malicious:false
                                                                                Preview:6673.

                                                                                /run/utmp

                                                                                Download File
                                                                                Process:/sbin/agetty
                                                                                File Type:data
                                                                                Category:dropped
                                                                                Size (bytes):384
                                                                                Entropy (8bit):0.6775035134351416
                                                                                Encrypted:false
                                                                                SSDEEP:3:/AsXlXEWtl/55mlX:/h+ylSX
                                                                                MD5:C845632ECEE10BA106F9549808FF3960
                                                                                SHA1:9A2A89D80553CC6CF548254B1DA63C48288E4127
                                                                                SHA-256:5E1216F27E42CF92A0D63F647678F52DEAF42AE62238682E4C12ED75EBD17D50
                                                                                SHA-512:3480846FEB3C8FCC61FC6A9B2F5DF87DF7F1C772CF3378C424D7899B843AE5ADE4DCBF5AAE0AFAB0CE368DFA7F1DB6FF84250EE0524E93AFC21C7EBF86B65B8E
                                                                                Malicious:false
                                                                                Preview:........tty2.tty2.......................tty2LOGIN.....................................................................................................................................................................................................................................................................................................Rgv.......................................

                                                                                /tmp/qemu-open.x2zjOM (deleted)

                                                                                Download File
                                                                                Process:/tmp/Aqua.arm5.elf
                                                                                File Type:data
                                                                                Category:dropped
                                                                                Size (bytes):29
                                                                                Entropy (8bit):4.1162646156680225
                                                                                Encrypted:false
                                                                                SSDEEP:3:Tg0wV8HJN:TguJN
                                                                                MD5:4544A7679D740EEB693F73BE3B914EA6
                                                                                SHA1:D464EFA50C50C678F92B3527D32F733EE193E9FD
                                                                                SHA-256:BF8D67FE4A6830DF4F7C4EFDF835D627B7AC41C686A405ECBEBE1D58FE741A08
                                                                                SHA-512:828DBECBB143E5502FE6FE8B1CA67AFE4FAB9DFD02B0C9EEDFB648166A3F5CE4B2BC5927852CDC277B1D25B80431CCB2C637536B17D834AA3DA53B7926330024
                                                                                Malicious:false
                                                                                Preview:/tmp/Aqua.arm5.elf.nwlrbbmqbh

                                                                                /var/lib/AccountsService/users/gdm.A6QQY2

                                                                                Download File
                                                                                Process:/usr/lib/accountsservice/accounts-daemon
                                                                                File Type:ASCII text
                                                                                Category:dropped
                                                                                Size (bytes):61
                                                                                Entropy (8bit):4.66214589518167
                                                                                Encrypted:false
                                                                                SSDEEP:3:urzMQvNT+PzKLrAan4R8AKn:gzMQIzKLrAa4M
                                                                                MD5:542BA3FB41206AE43928AF1C5E61FEBC
                                                                                SHA1:F56F574DAF50D609526B36B5B54FDD59EA4D6A26
                                                                                SHA-256:730D9509D4EAA7266829A8F5A8CFEBA6BBDDD5873FC2BD580AD464F4A237E11A
                                                                                SHA-512:D774B8F191A5C65228D1B3CA1181701CFCD07A3D91C5571B0DDF32AD3E241C2D7BDFC0697AB97DC10441EF9CDC8AEE5B19BC34E13E5C8B0B91AD06EEF42F5AEA
                                                                                Malicious:false
                                                                                Preview:[User].XSession=.Icon=/var/lib/gdm3/.face.SystemAccount=true.

                                                                                /var/lib/ubuntu-drivers-common/last_gfx_boot

                                                                                Download File
                                                                                Process:/usr/bin/gpu-manager
                                                                                File Type:ASCII text
                                                                                Category:dropped
                                                                                Size (bytes):25
                                                                                Entropy (8bit):2.7550849518197795
                                                                                Encrypted:false
                                                                                SSDEEP:3:JoT/V9fDVbn:M/V3n
                                                                                MD5:078760523943E160756979906B85FB5E
                                                                                SHA1:0962643266F4C5537F7D125046F28F21D6DD0C89
                                                                                SHA-256:048416AC7A9A99690B8B53718CD39F32F637B55CC8DD8E67E58E5AEF060DD41C
                                                                                SHA-512:DEFAAE8F8B54C61A716A0B0B4884358FEB8EB44DFEA01AAA5A687FDA7182792B7DEBB34AA840672EB3B40EB59FD0186749E08E47D181786C7FAA8C8F73F0104D
                                                                                Malicious:false
                                                                                Preview:15ad:0405;0000:00:0f:0;1.

                                                                                /var/log/auth.log

                                                                                Download File
                                                                                Process:/usr/sbin/rsyslogd
                                                                                File Type:ASCII text
                                                                                Category:dropped
                                                                                Size (bytes):1537
                                                                                Entropy (8bit):4.881860927955781
                                                                                Encrypted:false
                                                                                SSDEEP:24:VuZeaBuZ4BBwGB4R4p50rAvZrA2+VDklt0pYrpfJrpOKSUgerCQU:Ov2fV3YrjrV0erCn
                                                                                MD5:84C789C40EB1A1D436CC361C64A35AC2
                                                                                SHA1:49AB5FF8589512526D9451E013B7F1293CD84ACD
                                                                                SHA-256:F954B8DB9601F911C94FC06985458ACB30EF98AEC505134D29EFE4D8B0CA6CEE
                                                                                SHA-512:1E096EFA85805FE53FDB52D751727A101CA44F7CEDABE9DAB0B8F42DC17F2F3572DDF98BAD2F58A9D365244C4BDC9B2E34AC485235C74E81390BC938362D6C88
                                                                                Malicious:false
                                                                                Preview:Dec 6 04:42:21 galassia systemd-logind[6543]: Failed to add user by file name 1000, ignoring: Invalid argument.Dec 6 04:42:21 galassia systemd-logind[6543]: Failed to add user by file name 127, ignoring: Invalid argument.Dec 6 04:42:21 galassia systemd-logind[6543]: User enumeration failed: Invalid argument.Dec 6 04:42:21 galassia systemd-logind[6543]: User of session 2 not known..Dec 6 04:42:21 galassia systemd-logind[6543]: User of session c1 not known..Dec 6 04:42:21 galassia systemd-logind[6543]: Session enumeration failed: No such file or directory.Dec 6 04:42:21 galassia systemd-logind[6543]: Watching system buttons on /dev/input/event0 (Power Button).Dec 6 04:42:21 galassia systemd-logind[6543]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard).Dec 6 04:42:21 galassia systemd-logind[6543]: New seat seat0..Dec 6 04:42:26 galassia gdm-launch-environment]: pam_unix(gdm-launch-environment:session): session opened for user gdm by (uid=0).Dec 6 04:

                                                                                /var/log/gpu-manager.log

                                                                                Download File
                                                                                Process:/usr/bin/gpu-manager
                                                                                File Type:ASCII text
                                                                                Category:dropped
                                                                                Size (bytes):1371
                                                                                Entropy (8bit):4.8296848499188485
                                                                                Encrypted:false
                                                                                SSDEEP:24:wPXXX9uV6BNu3WDF3GF3XFFxFFed2uk2HUvJlfWkpPpx7uvvAdow9555cJz:wPXXXe6vejpeC2HUR5WkpPpcvAdow95O
                                                                                MD5:3AF77E630DA00B3BE24F4E8AA5D78B13
                                                                                SHA1:BCF2D99E002F6DE2413A183227B011CFBEF5673D
                                                                                SHA-256:EB1CBBA20845237B4409274D693FEAE13F835274DA3337B7A9D14F4D7FDF9DEA
                                                                                SHA-512:8524B1E8A761F962B32F396812099B9B0B2DCF3C9FCA8605424753CFCFF4DC67EDC5EE1D8C91B9C0ED7FAE6BB1E752898B8D514B7C421D1839D6FEDA609C593C
                                                                                Malicious:false
                                                                                Preview:log_file: /var/log/gpu-manager.log.last_boot_file: /var/lib/ubuntu-drivers-common/last_gfx_boot.new_boot_file: /var/lib/ubuntu-drivers-common/last_gfx_boot.can't access /run/u-d-c-nvidia-was-loaded file.can't get module info via kmodcan't access /opt/amdgpu-pro/bin/amdgpu-pro-px.Looking for nvidia modules in /lib/modules/5.4.0-72-generic/kernel.Looking for nvidia modules in /lib/modules/5.4.0-72-generic/updates/dkms.Looking for amdgpu modules in /lib/modules/5.4.0-72-generic/kernel.Looking for amdgpu modules in /lib/modules/5.4.0-72-generic/updates/dkms.Is nvidia loaded? no.Was nvidia unloaded? no.Is nvidia blacklisted? no.Is intel loaded? no.Is radeon loaded? no.Is radeon blacklisted? no.Is amdgpu loaded? no.Is amdgpu blacklisted? no.Is amdgpu versioned? no.Is amdgpu pro stack? no.Is nouveau loaded? no.Is nouveau blacklisted? no.Is nvidia kernel module available? no.Is amdgpu kernel module available? no.Vendor/Device Id: 15ad:405.BusID "PCI:0@0:15:0".Is boot vga? yes.Error: can't acce

                                                                                /var/log/kern.log

                                                                                Download File
                                                                                Process:/usr/sbin/rsyslogd
                                                                                File Type:ASCII text
                                                                                Category:dropped
                                                                                Size (bytes):4594
                                                                                Entropy (8bit):4.643889491030624
                                                                                Encrypted:false
                                                                                SSDEEP:48:5dlNXXTZynnX3rC9jI5OX7QVGucRQ0wXZJpHceuFIZVXJPSW/4SW66ey+ncJ5sz5:9VOxGUN6R1XVw
                                                                                MD5:6B28479CB546A65A54853D7FE5EFB05E
                                                                                SHA1:FC24DCDEC7FA7D76EEBB78094B9DA25719146BF1
                                                                                SHA-256:9AA9CD08FEF553447D1D1C1DAD0DA500FA86A818F8D511C18108E9C50ADDF263
                                                                                SHA-512:D6BE71D9656EBF66D1C8A713235F198F1A237BBB34376ED98E6A79EB47A0563D279E396F937FD9D994C8E17FCAC065EDB316DAD4B1A7C1E636E87C0CA15FC07D
                                                                                Malicious:false
                                                                                Preview:Dec 6 04:42:19 galassia kernel: [ 430.630011] blocking signal 9: 6254 -> 2048.Dec 6 04:42:19 galassia kernel: [ 431.311948] New task spawned: old: (tgid 6532, tid 6532), new (tgid: 6532, tid: 6536).Dec 6 04:42:19 galassia kernel: [ 431.598161] New task spawned: old: (tgid 6534, tid 6534), new (tgid: 6534, tid: 6537).Dec 6 04:42:19 galassia kernel: [ 431.598967] New task spawned: old: (tgid 6534, tid 6534), new (tgid: 6534, tid: 6538).Dec 6 04:42:20 galassia kernel: [ 431.601595] New task spawned: old: (tgid 6534, tid 6537), new (tgid: 6534, tid: 6539).Dec 6 04:42:20 galassia kernel: [ 432.168274] New task spawned: old: (tgid 6532, tid 6532), new (tgid: 6532, tid: 6540).Dec 6 04:42:23 galassia kernel: [ 432.493616] New task spawned: old: (tgid 6532, tid 6532), new (tgid: 6532, tid: 6600).Dec 6 04:42:23 galassia kernel: [ 435.077793] New task spawned: old: (tgid 6605, tid 6605), new (tgid: 6605, tid: 6606).Dec 6 04:42:23 galassia kernel: [ 435.097741] New task spawned:

                                                                                /var/log/syslog

                                                                                Download File
                                                                                Process:/usr/sbin/rsyslogd
                                                                                File Type:ASCII text, with very long lines (317)
                                                                                Category:dropped
                                                                                Size (bytes):26277
                                                                                Entropy (8bit):4.973681885808838
                                                                                Encrypted:false
                                                                                SSDEEP:768:keYfzhQ2KmUVLgEyz1RHLJVXecAC86m4pPzN8i2Qp3DlLRlPeEQ6i8AG3pVTRL/P:kasz
                                                                                MD5:0032731C2AF8759703BCDA3C194E0FD0
                                                                                SHA1:24F3927E6B209D2974B95090813FFA519E91A6E2
                                                                                SHA-256:A1FFF3B2C4A5F5544D77F6CA98A83A5A462F74C0BD710BC61102041DB2A00667
                                                                                SHA-512:2260B11A80FF8A11E16268B8F9665210D513C1DAD17CE0B5DEDD5276A7E452F9E60750704B682A74F70CF2DBD31C91E09E6751C9457C42441133089A6F04EEFD
                                                                                Malicious:false
                                                                                Preview:Dec 6 04:42:19 galassia systemd[1]: rsyslog.service: Main process exited, code=killed, status=9/KILL.Dec 6 04:42:19 galassia systemd[1]: rsyslog.service: Failed with result 'signal'..Dec 6 04:42:19 galassia whoopsie[6532]: [04:42:19] Using lock path: /var/lock/whoopsie/lock.Dec 6 04:42:19 galassia systemd[1]: rsyslog.service: Scheduled restart job, restart counter is at 3..Dec 6 04:42:19 galassia systemd[1]: Stopped System Logging Service..Dec 6 04:42:19 galassia systemd[1]: Starting System Logging Service....Dec 6 04:42:19 galassia systemd[1]: getty@tty2.service: Succeeded..Dec 6 04:42:19 galassia systemd[1]: getty@tty2.service: Scheduled restart job, restart counter is at 1..Dec 6 04:42:19 galassia systemd[1]: Stopped Getty on tty2..Dec 6 04:42:19 galassia systemd[1]: Started Getty on tty2..Dec 6 04:42:19 galassia systemd[1]: Started System Logging Service..Dec 6 04:42:19 galassia rsyslogd: imuxsock: Acquired UNIX socket '/run/systemd/journal/syslog' (fd 3) from systemd.

                                                                                /var/log/wtmp

                                                                                Download File
                                                                                Process:/sbin/agetty
                                                                                File Type:data
                                                                                Category:dropped
                                                                                Size (bytes):384
                                                                                Entropy (8bit):0.6775035134351416
                                                                                Encrypted:false
                                                                                SSDEEP:3:/AsXlXEWtl/55mlX:/h+ylSX
                                                                                MD5:C845632ECEE10BA106F9549808FF3960
                                                                                SHA1:9A2A89D80553CC6CF548254B1DA63C48288E4127
                                                                                SHA-256:5E1216F27E42CF92A0D63F647678F52DEAF42AE62238682E4C12ED75EBD17D50
                                                                                SHA-512:3480846FEB3C8FCC61FC6A9B2F5DF87DF7F1C772CF3378C424D7899B843AE5ADE4DCBF5AAE0AFAB0CE368DFA7F1DB6FF84250EE0524E93AFC21C7EBF86B65B8E
                                                                                Malicious:true
                                                                                Preview:........tty2.tty2.......................tty2LOGIN.....................................................................................................................................................................................................................................................................................................Rgv.......................................

                                                                                Static File Info

                                                                                General

                                                                                File type:ELF 32-bit LSB executable, ARM, version 1 (ARM), statically linked, stripped
                                                                                Entropy (8bit):5.670673593742775
                                                                                TrID:
                                                                                • ELF Executable and Linkable format (generic) (4004/1) 100.00%
                                                                                File name:Aqua.arm5.elf
                                                                                File size:166'656 bytes
                                                                                MD5:2da1798fbb916db08633e3e21c7dd051
                                                                                SHA1:f92a83277889f4228cba05e58e3a9976f0e5f534
                                                                                SHA256:6196cb20d16b99920b874df4abd3e0a6b0becbd3355651fd2d38448933824267
                                                                                SHA512:b088ed79dd1088ffb95ba1b722f3fed501f7823c5077a9e55a9e7e92a403693f9d95a0438011bfab92dab191c1d184de94f93b0ecc791ba4f9a367d6f3efcd4c
                                                                                SSDEEP:1536:uxEcAAMp6f1SKGuUUL6aCgME1Ha7iwi1KAf7q4VSiETftCn0gtOQQOBFcNKISlz7:u8AMUvu77g1K14FErtC0CrcMtbL
                                                                                TLSH:78F31945F8815F23C6D622BBFB5E428D372617A8D3EE72038D256F20379685B0E77642
                                                                                File Content Preview:.ELF...a..........(.........4...p.......4. ...(......................=...=...............@...@...@..0I..............Q.td..................................-...L."...............0@-.\P...0....S.0...P@...0... ....R......0...0...........0... ....R..... 0....S

                                                                                Static ELF Info

                                                                                ELF header

                                                                                Class:ELF32
                                                                                Data:2's complement, little endian
                                                                                Version:1 (current)
                                                                                Machine:ARM
                                                                                Version Number:0x1
                                                                                Type:EXEC (Executable file)
                                                                                OS/ABI:ARM - ABI
                                                                                ABI Version:0
                                                                                Entry Point Address:0x8190
                                                                                Flags:0x2
                                                                                ELF Header Size:52
                                                                                Program Header Offset:52
                                                                                Program Header Size:32
                                                                                Number of Program Headers:3
                                                                                Section Header Offset:166256
                                                                                Section Header Size:40
                                                                                Number of Section Headers:10
                                                                                Header String Table Index:9

                                                                                Sections

                                                                                NameTypeAddressOffsetSizeEntSizeFlagsFlags DescriptionLinkInfoAlign
                                                                                NULL0x00x00x00x00x0000
                                                                                .initPROGBITS0x80940x940x180x00x6AX004
                                                                                .textPROGBITS0x80b00xb00x207500x00x6AX0016
                                                                                .finiPROGBITS0x288000x208000x140x00x6AX004
                                                                                .rodataPROGBITS0x288140x208140x35ac0x00x2A004
                                                                                .ctorsPROGBITS0x340000x240000xc0x00x3WA004
                                                                                .dtorsPROGBITS0x3400c0x2400c0x80x00x3WA004
                                                                                .dataPROGBITS0x340200x240200x49100x00x3WA0032
                                                                                .bssNOBITS0x389300x289300x46a00x00x3WA004
                                                                                .shstrtabSTRTAB0x00x289300x3e0x00x0001

                                                                                Program Segments

                                                                                TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
                                                                                LOAD0x00x80000x80000x23dc00x23dc06.09560x5R E0x8000.init .text .fini .rodata
                                                                                LOAD0x240000x340000x340000x49300x8fd00.42350x6RW 0x8000.ctors .dtors .data .bss
                                                                                GNU_STACK0x00x00x00x00x00.00000x7RWE0x4

                                                                                Network Behavior

                                                                                Network Port Distribution

                                                                                TCP Packets

                                                                                TimestampSource PortDest PortSource IPDest IP
                                                                                Dec 6, 2024 11:42:02.194317102 CET4433360654.171.230.55192.168.2.23
                                                                                Dec 6, 2024 11:42:02.194557905 CET33606443192.168.2.2354.171.230.55
                                                                                Dec 6, 2024 11:42:02.315607071 CET4433360654.171.230.55192.168.2.23
                                                                                Dec 6, 2024 11:42:03.186543941 CET43928443192.168.2.2391.189.91.42
                                                                                Dec 6, 2024 11:42:03.540606022 CET500167733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:03.660387993 CET77335001689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:03.660502911 CET500167733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:03.662002087 CET500167733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:03.781672955 CET77335001689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:04.405956984 CET500207733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:04.525775909 CET77335002089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:04.525840044 CET500207733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:04.531368017 CET500207733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:04.652160883 CET77335002089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:04.901974916 CET500227733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.021752119 CET77335002289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:05.021982908 CET500227733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.026845932 CET500227733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.146678925 CET77335002289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:05.149746895 CET500247733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.269563913 CET77335002489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:05.269694090 CET500247733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.270910025 CET500247733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.274441957 CET500267733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.390675068 CET77335002489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:05.394174099 CET77335002689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:05.394280910 CET500267733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.395464897 CET500267733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.396969080 CET500287733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.515397072 CET77335002689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:05.516709089 CET77335002889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:05.516834021 CET500287733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.518143892 CET500287733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.521719933 CET500307733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.638005018 CET77335002889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:05.641443968 CET77335003089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:05.641586065 CET500307733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.643009901 CET500307733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.676501036 CET500327733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.762836933 CET77335003089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:05.799472094 CET77335003289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:05.799576044 CET500327733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.800702095 CET500327733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.804111958 CET500347733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.920617104 CET77335003289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:05.923888922 CET77335003489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:05.923955917 CET500347733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.925755024 CET500347733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:05.930032015 CET500367733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:06.045504093 CET77335003489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:06.049747944 CET77335003689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:06.049896955 CET500367733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:06.051575899 CET500367733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:06.054658890 CET500387733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:06.176173925 CET77335003689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:06.179120064 CET77335003889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:06.179241896 CET500387733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:06.182262897 CET500387733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:06.187180042 CET500407733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:06.578039885 CET500387733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:06.669703960 CET77335003889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:06.669750929 CET77335004089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:06.669795036 CET500407733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:06.671549082 CET500407733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:06.674925089 CET500427733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:06.697873116 CET77335003889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:06.791940928 CET77335004089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:06.795517921 CET77335004289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:06.795573950 CET500427733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:06.798656940 CET500427733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:06.818109989 CET500467733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:06.918416977 CET77335004289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:06.937853098 CET77335004689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:06.937938929 CET500467733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:06.945322990 CET500467733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:06.971477985 CET500487733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:07.065370083 CET77335004689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:07.091468096 CET77335004889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:07.091569901 CET500487733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:07.099189043 CET500487733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:07.110575914 CET500507733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:07.218923092 CET77335004889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:07.230355978 CET77335005089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:07.230479002 CET500507733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:07.237757921 CET500507733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:07.248821974 CET500527733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:07.357597113 CET77335005089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:07.368767977 CET77335005289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:07.368978977 CET500527733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:07.375916958 CET500527733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:07.395174980 CET500547733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:07.495577097 CET77335005289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:07.515099049 CET77335005489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:07.515645027 CET500547733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:07.534502029 CET500547733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:07.587631941 CET500567733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:07.654180050 CET77335005489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:07.707396984 CET77335005689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:07.707480907 CET500567733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:07.721574068 CET500567733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:07.736706972 CET500587733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:07.841398001 CET77335005689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:07.856518984 CET77335005889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:07.856594086 CET500587733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:07.863758087 CET500587733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:07.877511024 CET500607733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:08.186052084 CET77335005889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:08.186064959 CET77335006089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:08.186184883 CET500607733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:08.193238020 CET500607733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:08.312983990 CET77335006089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:08.561769962 CET42836443192.168.2.2391.189.91.43
                                                                                Dec 6, 2024 11:42:10.353538990 CET4251680192.168.2.23109.202.202.202
                                                                                Dec 6, 2024 11:42:10.896044016 CET500647733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.015892982 CET77335006489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:11.015996933 CET500647733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.018816948 CET500647733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.052694082 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:11.052742958 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:11.052824020 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:11.066073895 CET500687733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.138627052 CET77335006489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:11.185987949 CET77335006889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:11.186074972 CET500687733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.189306021 CET500687733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.226974010 CET500707733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.309160948 CET77335006889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:11.346901894 CET77335007089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:11.346997023 CET500707733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.349978924 CET500707733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.382941961 CET500727733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.469778061 CET77335007089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:11.502748013 CET77335007289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:11.502834082 CET500727733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.506736040 CET500727733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.537929058 CET500747733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.627307892 CET77335007289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:11.660248041 CET77335007489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:11.660336971 CET500747733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.663252115 CET500747733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.669521093 CET500767733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.783425093 CET77335007489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:11.789402008 CET77335007689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:11.789493084 CET500767733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.792727947 CET500767733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.798285961 CET500787733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.913284063 CET77335007689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:11.918591976 CET77335007889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:11.918673038 CET500787733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.921658039 CET500787733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:11.927558899 CET500807733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.042397022 CET77335007889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:12.049256086 CET77335008089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:12.049328089 CET500807733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.052263021 CET500807733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.056838989 CET500827733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.173660040 CET77335008089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:12.177459955 CET77335008289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:12.177515984 CET500827733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.180329084 CET500827733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.184953928 CET500847733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.300764084 CET77335008289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:12.305105925 CET77335008489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:12.305198908 CET500847733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.308047056 CET500847733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.313088894 CET500867733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.428179979 CET77335008489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:12.432832003 CET77335008689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:12.432928085 CET500867733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.435759068 CET500867733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.440462112 CET500887733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.555558920 CET77335008689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:12.560363054 CET77335008889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:12.560440063 CET500887733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.562711954 CET500887733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.566458941 CET500907733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.682602882 CET77335008889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:12.686145067 CET77335009089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:12.686233044 CET500907733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.689084053 CET500907733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.693995953 CET500927733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.808851957 CET77335009089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:12.813798904 CET77335009289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:12.813859940 CET500927733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.816268921 CET500927733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.821008921 CET500947733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.936274052 CET77335009289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:12.940975904 CET77335009489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:12.941051960 CET500947733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.944195986 CET500947733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.949491024 CET500967733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:12.965251923 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:12.965276957 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:13.063971043 CET77335009489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:13.069339991 CET77335009689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:13.069444895 CET500967733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.070940018 CET500967733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.073673964 CET500987733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.190677881 CET77335009689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:13.193362951 CET77335009889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:13.193449020 CET500987733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.195255041 CET500987733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.198412895 CET501007733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.315061092 CET77335009889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:13.318109035 CET77335010089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:13.318219900 CET501007733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.319726944 CET501007733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.323329926 CET501027733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.439455032 CET77335010089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:13.443120003 CET77335010289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:13.443223953 CET501027733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.444953918 CET501027733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.447556019 CET501047733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.564651966 CET77335010289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:13.567397118 CET77335010489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:13.567550898 CET501047733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.568931103 CET501047733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.571011066 CET501067733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.688576937 CET77335010489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:13.690706015 CET77335010689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:13.690824032 CET501067733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.692295074 CET501067733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.694302082 CET501087733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.813580990 CET77335010689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:13.816320896 CET77335010889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:13.816428900 CET501087733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.817768097 CET501087733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.819695950 CET501107733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.937521935 CET77335010889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:13.939604998 CET77335011089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:13.939713001 CET501107733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.940829992 CET501107733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:13.942554951 CET501127733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:14.321146011 CET501107733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:14.432029963 CET77335011089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:14.432140112 CET77335011289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:14.432301998 CET501127733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:14.433530092 CET501127733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:14.435113907 CET501147733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:14.440921068 CET77335011089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:14.441504002 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:14.441721916 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.442070007 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.442070007 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.442079067 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:14.442095995 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:14.442178965 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:14.442630053 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.442630053 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.442641020 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:14.442693949 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.553180933 CET77335011289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:14.554799080 CET77335011489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:14.554908991 CET501147733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:14.556104898 CET501147733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:14.558187008 CET501167733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:14.677432060 CET77335011489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:14.679131031 CET77335011689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:14.679290056 CET501167733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:14.680527925 CET501167733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:14.682286024 CET501187733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:14.800331116 CET77335011689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:14.802057028 CET77335011889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:14.802212954 CET501187733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:14.803416967 CET501187733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:14.805135965 CET501207733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:14.923327923 CET77335011889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:14.924798012 CET77335012089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:14.924865961 CET501207733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:14.925780058 CET501207733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:14.927182913 CET501227733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:14.985481024 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:14.985656023 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.985702038 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.985702038 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.985733986 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:14.985799074 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.985814095 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:14.985838890 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.985852003 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.985889912 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:14.985893965 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.985893965 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.985965014 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.985965014 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.986028910 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:14.986148119 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.986160994 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:14.986191988 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.986200094 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:14.986222982 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.986222982 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.986222982 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:14.986238003 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:14.986249924 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:14.986267090 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:15.045532942 CET77335012089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:15.046915054 CET77335012289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:15.046974897 CET501227733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.048279047 CET501227733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.050539017 CET501247733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.167958021 CET77335012289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:15.170519114 CET77335012489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:15.170619965 CET501247733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.171684980 CET501247733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.173134089 CET501267733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.291450024 CET77335012489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:15.292886019 CET77335012689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:15.292969942 CET501267733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.294128895 CET501267733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.295579910 CET501287733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.413846970 CET77335012689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:15.415411949 CET77335012889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:15.415585041 CET501287733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.416646004 CET501287733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.418114901 CET501307733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.536334038 CET77335012889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:15.537816048 CET77335013089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:15.537923098 CET501307733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.538892984 CET501307733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.544395924 CET501327733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.659137964 CET77335013089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:15.665076017 CET77335013289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:15.665178061 CET501327733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.666199923 CET501327733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.667673111 CET501347733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.785983086 CET77335013289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:15.787354946 CET77335013489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:15.787476063 CET501347733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.788535118 CET501347733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.805242062 CET501367733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.908257008 CET77335013489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:15.925110102 CET77335013689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:15.925203085 CET501367733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.926251888 CET501367733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.927956104 CET501387733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:15.942452908 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:15.942524910 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:15.942548037 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:15.942568064 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:15.942595005 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:15.942620039 CET53116443192.168.2.23162.213.35.25
                                                                                Dec 6, 2024 11:42:15.942636013 CET44353116162.213.35.25192.168.2.23
                                                                                Dec 6, 2024 11:42:16.046010017 CET77335013689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:16.047648907 CET77335013889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:16.047709942 CET501387733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:16.049618006 CET501387733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:16.052460909 CET501407733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:16.169351101 CET77335013889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:16.172219992 CET77335014089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:16.172280073 CET501407733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:16.174061060 CET501407733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:16.177095890 CET501427733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:16.294411898 CET77335014089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:16.297447920 CET77335014289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:16.297502041 CET501427733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:16.299266100 CET501427733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:16.302516937 CET501447733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:16.419663906 CET77335014289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:16.423234940 CET77335014489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:16.423321962 CET501447733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:16.425338984 CET501447733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:16.428438902 CET501467733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:16.545833111 CET77335014489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:16.549320936 CET77335014689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:16.549388885 CET501467733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:16.551336050 CET501467733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:16.555493116 CET501487733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:16.671119928 CET77335014689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:16.675323963 CET77335014889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:16.675381899 CET501487733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:16.677362919 CET501487733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:16.680551052 CET501507733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:16.797097921 CET77335014889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:16.800347090 CET77335015089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:16.800431967 CET501507733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:16.802491903 CET501507733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:16.807234049 CET501527733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.041115999 CET77335015089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:17.041198015 CET77335015289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:17.041333914 CET501527733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.044234037 CET501527733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.049005985 CET501547733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.164025068 CET77335015289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:17.168802977 CET77335015489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:17.168889046 CET501547733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.171300888 CET501547733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.175762892 CET501567733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.291116953 CET77335015489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:17.295700073 CET77335015689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:17.295814037 CET501567733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.296933889 CET501567733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.298554897 CET501587733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.416776896 CET77335015689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:17.418239117 CET77335015889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:17.418342113 CET501587733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.421704054 CET501587733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.429524899 CET501607733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.541831017 CET77335015889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:17.549521923 CET77335016089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:17.549691916 CET501607733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.550883055 CET501607733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.552758932 CET501627733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.670602083 CET77335016089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:17.672511101 CET77335016289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:17.672622919 CET501627733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.673914909 CET501627733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.675662994 CET501647733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.793828964 CET77335016289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:17.795351028 CET77335016489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:17.795455933 CET501647733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.796941996 CET501647733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.798849106 CET501667733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.917315006 CET77335016489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:17.918872118 CET77335016689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:17.919066906 CET501667733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.922074080 CET501667733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:17.924462080 CET501687733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.041847944 CET77335016689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:18.044173002 CET77335016889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:18.044339895 CET501687733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.045655966 CET501687733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.047295094 CET501707733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.165638924 CET77335016889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:18.167072058 CET77335017089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:18.167170048 CET501707733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.168248892 CET501707733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.170063972 CET501727733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.288042068 CET77335017089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:18.289846897 CET77335017289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:18.290011883 CET501727733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.291282892 CET501727733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.292985916 CET501767733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.411139965 CET77335017289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:18.412704945 CET77335017689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:18.412878036 CET501767733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.413885117 CET501767733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.415394068 CET501787733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.533652067 CET77335017689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:18.535134077 CET77335017889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:18.535228968 CET501787733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.536449909 CET501787733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.537982941 CET501807733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.656297922 CET77335017889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:18.657788038 CET77335018089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:18.657902956 CET501807733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.659187078 CET501807733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.660967112 CET501827733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.778882027 CET77335018089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:18.780730009 CET77335018289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:18.780827045 CET501827733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.781971931 CET501827733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.783773899 CET501847733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.901700020 CET77335018289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:18.903673887 CET77335018489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:18.903764009 CET501847733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.904962063 CET501847733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:18.906635046 CET501867733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.024605989 CET77335018489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:19.026287079 CET77335018689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:19.026393890 CET501867733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.027378082 CET501867733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.029078960 CET501887733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.147511005 CET77335018689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:19.149413109 CET77335018889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:19.149504900 CET501887733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.150533915 CET501887733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.151933908 CET501907733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.270293951 CET77335018889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:19.271651983 CET77335019089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:19.271766901 CET501907733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.272718906 CET501907733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.281583071 CET501927733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.392419100 CET77335019089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:19.401318073 CET77335019289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:19.401437044 CET501927733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.402595997 CET501927733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.489401102 CET501947733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.522236109 CET77335019289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:19.609407902 CET77335019489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:19.609514952 CET501947733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.610703945 CET501947733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.618953943 CET501967733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.730415106 CET77335019489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:19.738967896 CET77335019689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:19.739025116 CET501967733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.741369009 CET501967733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.753170013 CET501987733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.861155033 CET77335019689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:19.873014927 CET77335019889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:19.873080015 CET501987733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.877959967 CET501987733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.896114111 CET502007733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:19.997790098 CET77335019889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:20.015969992 CET77335020089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:20.016093016 CET502007733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:20.019223928 CET502007733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:20.138921976 CET77335020089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.291620016 CET500167733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.412552118 CET77335001689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.609107971 CET501987733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609107971 CET501967733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609114885 CET502007733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609127045 CET501927733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609127045 CET501947733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609132051 CET501907733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609133005 CET501867733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609133005 CET501847733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609132051 CET501887733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609144926 CET501827733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609144926 CET501807733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609154940 CET501787733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609154940 CET501767733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609168053 CET501727733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609170914 CET501707733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609178066 CET501667733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609179974 CET501627733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609178066 CET501647733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609181881 CET501687733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609196901 CET501607733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609204054 CET501587733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609206915 CET501507733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609204054 CET501567733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609208107 CET501547733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609208107 CET501527733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609213114 CET501467733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609215975 CET501487733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609225988 CET501427733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609226942 CET501447733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609237909 CET501407733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609246016 CET501387733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609246016 CET501367733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609251022 CET501347733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609251022 CET501327733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609261990 CET501307733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609261990 CET501267733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609261990 CET501247733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609261990 CET501287733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609276056 CET501227733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609276056 CET501207733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609286070 CET501187733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609286070 CET501167733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609297037 CET501147733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609297037 CET501127733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609302998 CET501067733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609308958 CET501107733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609308958 CET501087733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609323978 CET501047733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609328032 CET500967733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609328032 CET500987733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609330893 CET501027733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609330893 CET501007733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609337091 CET500927733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609337091 CET500947733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609343052 CET500867733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609343052 CET500847733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609344006 CET500907733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609344006 CET500887733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609355927 CET500827733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609355927 CET500807733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609368086 CET500787733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609368086 CET500767733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609381914 CET500747733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609381914 CET500727733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609389067 CET500707733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609389067 CET500687733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609404087 CET500607733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609405041 CET500587733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609409094 CET500647733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609414101 CET500567733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609415054 CET500507733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609424114 CET500487733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609426975 CET500547733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609426975 CET500527733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609426975 CET500467733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609431028 CET500427733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609438896 CET500407733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609448910 CET500347733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609457970 CET500387733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609457970 CET500367733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609463930 CET500327733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609473944 CET500307733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609473944 CET500287733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609477997 CET500267733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609486103 CET500247733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609493017 CET500207733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609493971 CET500227733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.609529972 CET500167733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:21.769325018 CET77335017689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.769360065 CET77335017289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.769371986 CET77335018089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.769385099 CET77335017889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.769398928 CET77335018289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.769412041 CET77335019689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.769435883 CET77335018889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.769447088 CET77335019489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.769464970 CET77335019089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.769475937 CET77335018489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.769517899 CET77335019289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.769532919 CET77335018689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.769543886 CET77335020089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.769553900 CET77335019889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773467064 CET77335001689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773485899 CET77335002289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773497105 CET77335002089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773565054 CET77335002489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773603916 CET77335002689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773627043 CET77335002889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773637056 CET77335003089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773721933 CET77335003289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773734093 CET77335003689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773744106 CET77335003889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773755074 CET77335003489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773823023 CET77335004089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773833990 CET77335004689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773850918 CET77335005289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773860931 CET77335005489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773871899 CET77335004289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773881912 CET77335004889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773900986 CET77335005089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773911953 CET77335005689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773921013 CET77335006489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.773931026 CET77335005889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774007082 CET77335006089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774018049 CET77335006889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774027109 CET77335007089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774036884 CET77335007289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774048090 CET77335007489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774058104 CET77335007689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774068117 CET77335007889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774079084 CET77335008089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774087906 CET77335008289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774099112 CET77335008889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774117947 CET77335009089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774127960 CET77335008489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774137020 CET77335008689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774156094 CET77335009489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774168015 CET77335009289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774178028 CET77335010089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774198055 CET77335010289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774214983 CET77335009889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774224997 CET77335009689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774235010 CET77335010489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774245977 CET77335010889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774264097 CET77335011089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774275064 CET77335010689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774291039 CET77335011289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774306059 CET77335011489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774322033 CET77335011689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774337053 CET77335011889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774372101 CET77335012089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774382114 CET77335012289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774393082 CET77335012889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774410009 CET77335012489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774429083 CET77335013089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774437904 CET77335012689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774447918 CET77335013289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774456978 CET77335013489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774461985 CET77335013689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774477005 CET77335013889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774502039 CET77335014089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774512053 CET77335014489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774521112 CET77335014289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774538994 CET77335014689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774557114 CET77335015689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774569035 CET77335015889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774594069 CET77335014889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774604082 CET77335015289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774615049 CET77335015489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774626017 CET77335015089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774636030 CET77335016089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774641991 CET77335016489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774646997 CET77335016689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774656057 CET77335016889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774667978 CET77335016289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:21.774678946 CET77335017089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:23.663867950 CET43928443192.168.2.2391.189.91.42
                                                                                Dec 6, 2024 11:42:25.569556952 CET77335001689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:25.569642067 CET500167733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:26.413606882 CET77335002089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:26.413691998 CET500207733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:26.913223982 CET77335002289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:26.913297892 CET500227733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:27.163366079 CET77335002489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:27.163449049 CET500247733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:27.288336039 CET77335002689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:27.288422108 CET500267733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:27.429088116 CET77335002889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:27.429169893 CET500287733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:27.538335085 CET77335003089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:27.538419008 CET500307733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:27.694681883 CET77335003289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:27.694771051 CET500327733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:27.819732904 CET77335003489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:27.819804907 CET500347733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:27.944541931 CET77335003689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:27.944612026 CET500367733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:28.429074049 CET77335003889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:28.429219961 CET500387733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:28.569933891 CET77335004089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:28.570086002 CET500407733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:28.694884062 CET77335004289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:28.695041895 CET500427733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:28.835285902 CET77335004689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:28.835457087 CET500467733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:28.976044893 CET77335004889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:28.976161957 CET500487733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:29.132210016 CET77335005089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:29.132374048 CET500507733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:29.272777081 CET77335005289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:29.272922993 CET500527733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:29.428981066 CET77335005489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:29.429121971 CET500547733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:29.601121902 CET77335005689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:29.601260900 CET500567733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:30.186391115 CET77335005889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:30.186403990 CET77335005689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:30.186528921 CET500587733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:30.186528921 CET500567733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:30.187635899 CET77335006089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:30.187683105 CET500607733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:30.307365894 CET77335005689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:32.929181099 CET77335006489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:32.929251909 CET500647733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:33.085654020 CET77335006889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:33.085762978 CET500687733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:33.257580996 CET77335007089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:33.257719040 CET500707733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:33.398241997 CET77335007289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:33.398350954 CET500727733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:33.570641994 CET77335007489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:33.570790052 CET500747733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:33.725999117 CET77335007689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:33.726104021 CET500767733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:33.820101976 CET77335007889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:33.820262909 CET500787733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:33.976069927 CET77335008089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:33.976201057 CET500807733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:34.069856882 CET77335008289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:34.070031881 CET500827733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:34.195487022 CET77335008489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:34.195641994 CET500847733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:34.319924116 CET77335008689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:34.320082903 CET500867733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:34.460606098 CET77335008889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:34.460802078 CET500887733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:34.601217985 CET77335009089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:34.601398945 CET500907733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:34.726377010 CET77335009289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:34.726536036 CET500927733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:34.851794004 CET77335009489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:34.851988077 CET500947733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:34.960500002 CET77335009689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:34.960639954 CET500967733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:35.110260010 CET77335009889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:35.110426903 CET500987733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:35.226095915 CET77335010089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:35.226248980 CET501007733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:35.366792917 CET77335010289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:35.366966963 CET501027733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:35.460880041 CET77335010489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:35.460998058 CET501047733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:35.585530996 CET77335010689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:35.585638046 CET501067733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:35.726227999 CET77335010889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:35.726355076 CET501087733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:35.950298071 CET42836443192.168.2.2391.189.91.43
                                                                                Dec 6, 2024 11:42:36.210711956 CET77335011089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:36.210817099 CET501107733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:36.319952011 CET77335011289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:36.320015907 CET501127733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:36.460833073 CET77335011489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:36.460928917 CET501147733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:36.585866928 CET77335011689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:36.585947990 CET501167733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:36.695172071 CET77335011889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:36.695267916 CET501187733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:36.835614920 CET77335012089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:36.835720062 CET501207733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:36.960613966 CET77335012289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:36.960732937 CET501227733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:37.085866928 CET77335012489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:37.085915089 CET501247733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:37.210500002 CET77335012689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:37.210618973 CET501267733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:37.335721970 CET77335012889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:37.335891962 CET501287733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:37.446913958 CET77335013089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:37.447153091 CET501307733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:37.569875956 CET77335013289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:37.570050955 CET501327733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:37.710582018 CET77335013489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:37.710730076 CET501347733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:37.820009947 CET77335013689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:37.820193052 CET501367733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:37.976294994 CET77335013889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:37.976428986 CET501387733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:38.069878101 CET77335014089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:38.070055008 CET501407733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:38.226229906 CET77335014289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:38.226394892 CET501427733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:38.335680008 CET77335014489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:38.335810900 CET501447733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:38.444824934 CET77335014689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:38.444976091 CET501467733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:38.554578066 CET77335014889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:38.554735899 CET501487733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:38.712615967 CET77335015089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:38.712764025 CET501507733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:38.945082903 CET77335015289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:38.945301056 CET501527733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:39.070188046 CET77335015489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:39.070359945 CET501547733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:39.210705996 CET77335015689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:39.210948944 CET501567733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:39.320292950 CET77335015889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:39.320450068 CET501587733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:39.445158958 CET77335016089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:39.445308924 CET501607733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:39.569937944 CET77335016289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:39.570020914 CET501627733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:39.695077896 CET77335016489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:39.695218086 CET501647733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:39.819916010 CET77335016689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:39.820061922 CET501667733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:39.945223093 CET77335016889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:39.945358992 CET501687733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:40.045830011 CET4251680192.168.2.23109.202.202.202
                                                                                Dec 6, 2024 11:42:40.070154905 CET77335017089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:40.071337938 CET501707733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:40.194919109 CET77335017289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:40.195069075 CET501727733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:40.320307970 CET77335017689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:40.320446968 CET501767733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:40.445116043 CET77335017889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:40.445256948 CET501787733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:40.572535992 CET77335018089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:40.572684050 CET501807733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:40.685311079 CET77335018289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:40.685589075 CET501827733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:40.953207016 CET77335018489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:40.953351021 CET501847733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:40.953382015 CET77335018689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:40.953424931 CET501867733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:41.069992065 CET77335018889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:41.070112944 CET501887733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:41.179871082 CET77335019089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:41.180008888 CET501907733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:41.304461002 CET77335019289.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:41.304610968 CET501927733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:41.491960049 CET77335019489.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:41.492177010 CET501947733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:41.656934977 CET77335019689.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:41.657114983 CET501967733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:41.773247004 CET77335019889.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:41.773420095 CET501987733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:42:41.913832903 CET77335020089.190.156.145192.168.2.23
                                                                                Dec 6, 2024 11:42:41.913970947 CET502007733192.168.2.2389.190.156.145
                                                                                Dec 6, 2024 11:43:04.618715048 CET43928443192.168.2.2391.189.91.42

                                                                                UDP Packets

                                                                                TimestampSource PortDest PortSource IPDest IP
                                                                                Dec 6, 2024 11:42:03.068691015 CET4165353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:03.192003965 CET53416538.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:03.194389105 CET4645953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:03.317157030 CET53464598.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:03.318342924 CET3408553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:03.442545891 CET53340858.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:03.443561077 CET3740053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:03.566327095 CET53374008.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:03.567768097 CET3905953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:03.690802097 CET53390598.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:03.693521976 CET6067753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:03.816070080 CET53606778.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:03.818629026 CET3871553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:03.941145897 CET53387158.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:03.952950001 CET4584753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:04.076320887 CET53458478.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:04.080399036 CET3394353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:04.203000069 CET53339438.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:04.205447912 CET5047753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:04.328690052 CET53504778.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:07.050215960 CET5007453192.168.2.231.1.1.1
                                                                                Dec 6, 2024 11:42:07.050260067 CET5074853192.168.2.231.1.1.1
                                                                                Dec 6, 2024 11:42:07.192581892 CET53500741.1.1.1192.168.2.23
                                                                                Dec 6, 2024 11:42:07.279148102 CET53507481.1.1.1192.168.2.23
                                                                                Dec 6, 2024 11:42:07.343188047 CET3817753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:07.465795040 CET53381778.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:07.474134922 CET3294453192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:07.596765041 CET53329448.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:07.640645027 CET5921553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:07.763211012 CET53592158.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:07.768764973 CET5481953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:07.891746998 CET53548198.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:07.896754026 CET3815853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:08.188340902 CET53381588.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:08.194616079 CET3436253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:08.317770004 CET53343628.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:08.328078985 CET4572053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:08.451637983 CET53457208.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:08.459307909 CET5876653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:08.582331896 CET53587668.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:08.588399887 CET3952053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:08.711097002 CET53395208.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:08.716324091 CET3990653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:08.839200974 CET53399068.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:10.376552105 CET4923253192.168.2.231.1.1.1
                                                                                Dec 6, 2024 11:42:10.513925076 CET53492321.1.1.1192.168.2.23
                                                                                Dec 6, 2024 11:42:10.904088974 CET4063053192.168.2.231.1.1.1
                                                                                Dec 6, 2024 11:42:11.041369915 CET53406301.1.1.1192.168.2.23
                                                                                Dec 6, 2024 11:42:16.850158930 CET3406353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:17.042599916 CET53340638.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:17.045309067 CET4563053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:17.174429893 CET53456308.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:17.176814079 CET4121753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:17.303663015 CET53412178.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:17.305128098 CET3998053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:17.427794933 CET53399808.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:17.432344913 CET3372153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:17.555218935 CET53337218.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:17.556507111 CET3669953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:17.679416895 CET53366998.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:17.680643082 CET4247853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:17.805408955 CET53424788.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:17.806363106 CET4298953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:17.928999901 CET53429898.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:17.929836988 CET5678053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:18.058680058 CET53567808.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:18.059540987 CET4585153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:18.187861919 CET53458518.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:19.190192938 CET5850653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:19.313497066 CET53585068.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:19.314357042 CET5417553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:19.439671040 CET53541758.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:19.440625906 CET5656453192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:19.563147068 CET53565648.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:19.564258099 CET5225753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:19.686888933 CET53522578.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:19.689294100 CET5383353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:19.812184095 CET53538338.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:19.814167976 CET4668553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:19.938668966 CET53466858.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:19.942311049 CET3640153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:20.064852953 CET53364018.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:20.067495108 CET3618553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:20.190258980 CET53361858.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:20.193031073 CET3713953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:20.321799040 CET53371398.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:20.323867083 CET4583153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:20.447211981 CET53458318.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:21.724165916 CET4820953192.168.2.231.1.1.1
                                                                                Dec 6, 2024 11:42:21.861705065 CET53482091.1.1.1192.168.2.23
                                                                                Dec 6, 2024 11:42:30.451035023 CET5863153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:30.574651003 CET53586318.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:30.575814009 CET5538653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:30.698591948 CET53553868.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:30.699790001 CET4280653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:30.822917938 CET53428068.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:30.823879004 CET5900953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:30.951003075 CET53590098.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:30.951864004 CET4696753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:31.077912092 CET53469678.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:31.078999043 CET4405253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:31.381082058 CET53440528.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:31.382220030 CET3772753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:31.505373955 CET53377278.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:31.506453991 CET5420253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:31.631009102 CET53542028.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:31.632014036 CET5705153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:31.759804010 CET53570518.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:31.760915995 CET4714253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:31.887304068 CET53471428.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:35.889786005 CET3417453192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:36.020284891 CET53341748.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:36.021210909 CET3352153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:36.144042015 CET53335218.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:36.145050049 CET5337453192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:36.271645069 CET53533748.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:36.272674084 CET5468053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:36.404083014 CET53546808.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:36.405544996 CET5330353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:36.531919956 CET53533038.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:36.533364058 CET5331353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:36.656307936 CET53533138.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:36.657557011 CET3880053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:36.784245014 CET53388008.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:36.785393000 CET5319553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:36.910800934 CET53531958.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:36.912185907 CET4842853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:37.038207054 CET53484288.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:37.039158106 CET5049853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:37.163604975 CET53504988.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:44.166541100 CET4552153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:44.294177055 CET53455218.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:44.295201063 CET5471853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:44.425559044 CET53547188.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:44.426795959 CET5577453192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:44.554138899 CET53557748.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:44.555515051 CET4773353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:44.681405067 CET53477338.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:44.682923079 CET5967353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:44.805721998 CET53596738.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:44.806884050 CET4187153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:44.933919907 CET53418718.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:44.935064077 CET5270353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:45.059194088 CET53527038.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:45.060328007 CET4326853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:45.183247089 CET53432688.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:45.184665918 CET4345353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:45.312371969 CET53434538.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:45.313565969 CET5075853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:45.436985970 CET53507588.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:46.440825939 CET5125853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:46.568218946 CET53512588.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:46.569560051 CET6060753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:46.697549105 CET53606078.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:46.698631048 CET5664153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:46.824645042 CET53566418.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:46.825650930 CET4047953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:46.948868036 CET53404798.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:46.950140953 CET5211853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:47.073843956 CET53521188.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:47.075037956 CET5875953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:47.197824955 CET53587598.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:47.199093103 CET3780753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:47.323069096 CET53378078.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:47.324177980 CET5468253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:47.446852922 CET53546828.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:47.447789907 CET5688053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:47.571034908 CET53568808.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:47.572267056 CET3431253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:47.695303917 CET53343128.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:54.697448969 CET3299553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:54.832712889 CET53329958.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:54.834342003 CET4746853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:54.962562084 CET53474688.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:54.964025021 CET4414753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:55.086971998 CET53441478.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:55.088223934 CET4840553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:55.211420059 CET53484058.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:55.212692976 CET3982553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:55.336966038 CET53398258.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:55.338377953 CET4143153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:55.468241930 CET53414318.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:55.469568968 CET3306153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:55.600061893 CET53330618.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:55.601377964 CET5361053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:55.730581045 CET53536108.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:55.732244968 CET3985853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:55.857243061 CET53398588.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:55.858483076 CET5424853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:55.988766909 CET53542488.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:58.991267920 CET3541653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:59.357098103 CET53354168.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:59.358120918 CET5485553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:59.482486963 CET53548558.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:59.483493090 CET4207153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:59.612164021 CET53420718.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:59.613207102 CET3331353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:59.736251116 CET53333138.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:59.737574100 CET5989953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:59.860621929 CET53598998.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:59.861795902 CET4842753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:42:59.984505892 CET53484278.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:42:59.985656977 CET3860653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:00.109319925 CET53386068.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:00.110479116 CET6036453192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:00.233179092 CET53603648.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:00.234025002 CET4355853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:00.356677055 CET53435588.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:00.357621908 CET5914653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:00.482048988 CET53591468.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:07.484117031 CET3738253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:07.614121914 CET53373828.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:07.615128994 CET3480253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:07.742984056 CET53348028.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:07.744239092 CET3743553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:07.867157936 CET53374358.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:07.868242979 CET3727453192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:07.995207071 CET53372748.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:07.996411085 CET3665053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:08.128053904 CET53366508.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:08.129091978 CET5842353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:08.259676933 CET53584238.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:08.260967970 CET5657953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:08.391242027 CET53565798.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:08.392297983 CET3616253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:08.519936085 CET53361628.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:08.521418095 CET3628353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:08.652004004 CET53362838.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:08.653064013 CET4704353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:15.660408974 CET3675853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:15.783230066 CET53367588.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:15.784398079 CET4119753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:15.907394886 CET53411978.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:15.909106970 CET5111353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:16.031766891 CET53511138.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:16.033679962 CET5729553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:16.160048962 CET53572958.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:16.161626101 CET5876753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:16.285185099 CET53587678.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:16.287096977 CET5934153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:16.412309885 CET53593418.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:16.413857937 CET3737053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:16.536983013 CET53373708.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:16.540352106 CET4674753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:16.663146973 CET53467478.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:16.664799929 CET5761353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:16.790045977 CET53576138.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:16.791244984 CET4102253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:16.914061069 CET53410228.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:25.918131113 CET4585953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:26.040733099 CET53458598.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:26.042499065 CET5021753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:26.165389061 CET53502178.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:26.166549921 CET3624653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:26.292629957 CET53362468.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:26.294011116 CET6001553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:26.419434071 CET53600158.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:26.420536995 CET4400953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:26.544816017 CET53440098.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:26.545772076 CET5669353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:26.668730974 CET53566938.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:26.669753075 CET3461253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:26.793309927 CET53346128.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:26.794538975 CET5717753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:26.919939041 CET53571778.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:26.920977116 CET5895253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:27.044953108 CET53589528.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:27.046037912 CET5379453192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:27.168720961 CET53537948.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:35.171262980 CET4937653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:35.294017076 CET53493768.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:35.295370102 CET4500353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:35.417867899 CET53450038.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:35.418926954 CET6044953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:35.542254925 CET53604498.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:35.543822050 CET3287853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:35.666510105 CET53328788.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:35.668107986 CET5033653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:35.791260958 CET53503368.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:35.792119026 CET5371653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:35.920510054 CET53537168.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:35.922271967 CET3335353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:36.044883966 CET53333538.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:36.048384905 CET5728453192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:36.434320927 CET53572848.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:36.435736895 CET3550653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:36.560857058 CET53355068.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:36.562366009 CET5648853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:36.685015917 CET53564888.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:46.687876940 CET6032253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:46.810339928 CET53603228.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:46.811613083 CET4831053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:46.940146923 CET53483108.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:46.941282988 CET4450753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:47.066735029 CET53445078.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:47.067868948 CET3954953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:47.190701962 CET53395498.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:47.191884041 CET5686253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:47.316164017 CET53568628.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:47.317209959 CET5306853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:47.444114923 CET53530688.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:47.445158958 CET3458853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:47.570506096 CET53345888.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:47.571641922 CET3370353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:47.694236994 CET53337038.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:47.695594072 CET5733153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:47.820019007 CET53573318.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:47.821096897 CET4371353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:47.944058895 CET53437138.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:50.948591948 CET4697053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:51.071301937 CET53469708.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:51.072794914 CET3647553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:51.195630074 CET53364758.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:51.197029114 CET3321353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:51.319650888 CET53332138.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:51.320838928 CET4802153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:51.443665981 CET53480218.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:51.444972992 CET3521853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:51.568460941 CET53352188.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:51.569596052 CET4834553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:51.696382999 CET53483458.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:51.697551966 CET4464653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:51.820337057 CET53446468.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:51.821526051 CET5340353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:51.945732117 CET53534038.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:51.946742058 CET3460453192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:52.069519997 CET53346048.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:52.072871923 CET4171753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:52.195341110 CET53417178.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:53.198493958 CET5710653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:53.323026896 CET53571068.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:53.324464083 CET4582253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:53.448092937 CET53458228.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:53.449698925 CET3720853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:53.574193001 CET53372088.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:53.575444937 CET5234753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:53.698545933 CET53523478.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:53.700196981 CET5581053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:53.823687077 CET53558108.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:53.825103045 CET4893153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:53.952724934 CET53489318.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:53.954715967 CET3623053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:54.077575922 CET53362308.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:54.079005957 CET5606853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:54.201901913 CET53560688.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:54.203217030 CET5696153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:54.326524973 CET53569618.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:54.328021049 CET4989653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:54.450544119 CET53498968.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:57.453679085 CET5629953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:57.576214075 CET53562998.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:57.577241898 CET3814653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:57.700292110 CET53381468.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:57.701422930 CET5674153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:57.824687004 CET53567418.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:57.825834036 CET3798653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:57.948417902 CET53379868.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:57.950910091 CET4833553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:58.073710918 CET53483358.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:58.074851990 CET3456753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:58.197632074 CET53345678.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:58.199079990 CET3991153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:58.324651957 CET53399118.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:58.325743914 CET5189953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:58.450412989 CET53518998.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:58.451759100 CET4781653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:58.575973034 CET53478168.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:43:58.580925941 CET4159953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:43:58.703639030 CET53415998.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:02.707474947 CET3498553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:02.830111027 CET53349858.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:02.831465960 CET3480053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:02.954273939 CET53348008.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:02.955805063 CET3964253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:03.078408957 CET53396428.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:03.079638004 CET4325653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:03.203113079 CET53432568.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:03.204278946 CET3492753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:03.327199936 CET53349278.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:03.328535080 CET5709053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:03.453552961 CET53570908.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:03.454847097 CET4946153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:03.578780890 CET53494618.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:03.580219984 CET5975553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:03.704271078 CET53597558.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:03.705655098 CET4894353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:03.829252005 CET53489438.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:03.830590963 CET3319353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:03.954476118 CET53331938.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:11.958677053 CET4663853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:12.084774017 CET53466388.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:12.086009026 CET5713653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:12.212557077 CET53571368.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:12.213876963 CET5467953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:12.337841034 CET53546798.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:12.339155912 CET4306053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:12.467161894 CET53430608.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:12.468678951 CET5160653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:12.592892885 CET53516068.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:12.594402075 CET4851253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:12.717166901 CET53485128.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:12.718400955 CET4110653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:12.842178106 CET53411068.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:12.843369961 CET4500853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:12.966206074 CET53450088.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:12.967240095 CET4486253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:13.089998960 CET53448628.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:13.091172934 CET5282753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:13.214170933 CET53528278.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:19.217652082 CET5755953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:19.340936899 CET53575598.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:19.342546940 CET5971553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:19.467292070 CET53597158.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:19.468910933 CET4073153192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:19.597996950 CET53407318.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:19.599735975 CET5165053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:19.722932100 CET53516508.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:19.724739075 CET4806753192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:19.852094889 CET53480678.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:19.853682995 CET5953953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:19.977324009 CET53595398.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:19.978923082 CET5798053192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:20.102416039 CET53579808.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:20.103805065 CET3907253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:20.226548910 CET53390728.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:20.227869987 CET3911253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:20.351588964 CET53391128.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:20.352771997 CET3310653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:20.477324963 CET53331068.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:30.480034113 CET5366953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:30.604346991 CET53536698.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:30.605519056 CET4337953192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:30.729769945 CET53433798.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:30.731446028 CET4853453192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:30.861073017 CET53485348.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:30.862548113 CET5416453192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:30.992048025 CET53541648.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:30.993665934 CET4961253192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:31.117428064 CET53496128.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:31.119149923 CET4451353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:31.247548103 CET53445138.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:31.249419928 CET4054553192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:31.372220993 CET53405458.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:31.373936892 CET5860353192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:31.498802900 CET53586038.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:31.500269890 CET4001853192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:31.623378992 CET53400188.8.8.8192.168.2.23
                                                                                Dec 6, 2024 11:44:31.625190973 CET4896653192.168.2.238.8.8.8
                                                                                Dec 6, 2024 11:44:31.749984026 CET53489668.8.8.8192.168.2.23

                                                                                ICMP Packets

                                                                                TimestampSource IPDest IPChecksumCodeType
                                                                                Dec 6, 2024 11:42:11.661571980 CET192.168.2.23192.168.2.18283(Port unreachable)Destination Unreachable
                                                                                Dec 6, 2024 11:43:31.675520897 CET192.168.2.23192.168.2.18283(Port unreachable)Destination Unreachable

                                                                                DNS Queries

                                                                                TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                Dec 6, 2024 11:42:03.068691015 CET192.168.2.238.8.8.80xc2b0Standard query (0)server.eye-network.ruA (IP address)IN (0x0001)false
                                                                                Dec 6, 2024 11:42:03.194389105 CET192.168.2.238.8.8.80xc2b0Standard query (0)server.eye-network.ruA (IP address)IN (0x0001)false
                                                                                Dec 6, 2024 11:42:03.318342924 CET192.168.2.238.8.8.80xc2b0Standard query (0)server.eye-network.ruA (IP address)IN (0x0001)false
                                                                                Dec 6, 2024 11:42:03.443561077 CET192.168.2.238.8.8.80xc2b0Standard query (0)server.eye-network.ruA (IP address)IN (0x0001)false
                                                                                Dec 6, 2024 11:42:03.567768097 CET192.168.2.238.8.8.80xc2b0Standard query (0)server.eye-network.ruA (IP address)IN (0x0001)false
                                                                                Dec 6, 2024 11:42:03.693521976 CET192.168.2.238.8.8.80xeeabStandard query (0)server.eye-network.ru. [malformed]256507false
                                                                                Dec 6, 2024 11:42:03.818629026 CET192.168.2.238.8.8.80xeeabStandard query (0)server.eye-network.ru. [malformed]256507false
                                                                                Dec 6, 2024 11:42:03.952950001 CET192.168.2.238.8.8.80xeeabStandard query (0)server.eye-network.ru. [malformed]256508false
                                                                                Dec 6, 2024 11:42:04.080399036 CET192.168.2.238.8.8.80xeeabStandard query (0)server.eye-network.ru. [malformed]256508false
                                                                                Dec 6, 2024 11:42:04.205447912 CET192.168.2.238.8.8.80xeeabStandard query (0)server.eye-network.ru. [malformed]256508false
                                                                                Dec 6, 2024 11:42:07.050215960 CET192.168.2.231.1.1.10xa05aStandard query (0)daisy.ubuntu.com28IN (0x0001)false
                                                                                Dec 6, 2024 11:42:07.050260067 CET192.168.2.231.1.1.10x5275Standard query (0)daisy.ubuntu.comA (IP address)IN (0x0001)false
                                                                                Dec 6, 2024 11:42:08.194616079 CET192.168.2.238.8.8.80xd892Standard query (0)server.eye-network.ru. [malformed]256256false
                                                                                Dec 6, 2024 11:42:08.328078985 CET192.168.2.238.8.8.80xd892Standard query (0)server.eye-network.ru. [malformed]256256false
                                                                                Dec 6, 2024 11:42:08.459307909 CET192.168.2.238.8.8.80xd892Standard query (0)server.eye-network.ru. [malformed]256256false
                                                                                Dec 6, 2024 11:42:08.588399887 CET192.168.2.238.8.8.80xd892Standard query (0)server.eye-network.ru. [malformed]256256false
                                                                                Dec 6, 2024 11:42:08.716324091 CET192.168.2.238.8.8.80xd892Standard query (0)server.eye-network.ru. [malformed]256256false
                                                                                Dec 6, 2024 11:42:10.376552105 CET192.168.2.231.1.1.10x8aa9Standard query (0)daisy.ubuntu.com28IN (0x0001)false
                                                                                Dec 6, 2024 11:42:10.904088974 CET192.168.2.231.1.1.10x4aaaStandard query (0)daisy.ubuntu.com28IN (0x0001)false
                                                                                Dec 6, 2024 11:42:17.556507111 CET192.168.2.238.8.8.80x639Standard query (0)server.eye-network.ru. [malformed]256265false
                                                                                Dec 6, 2024 11:42:17.680643082 CET192.168.2.238.8.8.80x639Standard query (0)server.eye-network.ru. [malformed]256265false
                                                                                Dec 6, 2024 11:42:17.806363106 CET192.168.2.238.8.8.80x639Standard query (0)server.eye-network.ru. [malformed]256265false
                                                                                Dec 6, 2024 11:42:17.929836988 CET192.168.2.238.8.8.80x639Standard query (0)server.eye-network.ru. [malformed]256266false
                                                                                Dec 6, 2024 11:42:18.059540987 CET192.168.2.238.8.8.80x639Standard query (0)server.eye-network.ru. [malformed]256266false
                                                                                Dec 6, 2024 11:42:19.814167976 CET192.168.2.238.8.8.80xcb6eStandard query (0)server.eye-network.ru. [malformed]256267false
                                                                                Dec 6, 2024 11:42:19.942311049 CET192.168.2.238.8.8.80xcb6eStandard query (0)server.eye-network.ru. [malformed]256267false
                                                                                Dec 6, 2024 11:42:20.067495108 CET192.168.2.238.8.8.80xcb6eStandard query (0)server.eye-network.ru. [malformed]256268false
                                                                                Dec 6, 2024 11:42:20.193031073 CET192.168.2.238.8.8.80xcb6eStandard query (0)server.eye-network.ru. [malformed]256268false
                                                                                Dec 6, 2024 11:42:20.323867083 CET192.168.2.238.8.8.80xcb6eStandard query (0)server.eye-network.ru. [malformed]256268false
                                                                                Dec 6, 2024 11:42:21.724165916 CET192.168.2.231.1.1.10xe245Standard query (0)daisy.ubuntu.com28IN (0x0001)false
                                                                                Dec 6, 2024 11:42:31.078999043 CET192.168.2.238.8.8.80xa23aStandard query (0)server.eye-network.ru. [malformed]256279false
                                                                                Dec 6, 2024 11:42:31.382220030 CET192.168.2.238.8.8.80xa23aStandard query (0)server.eye-network.ru. [malformed]256279false
                                                                                Dec 6, 2024 11:42:31.506453991 CET192.168.2.238.8.8.80xa23aStandard query (0)server.eye-network.ru. [malformed]256279false
                                                                                Dec 6, 2024 11:42:31.632014036 CET192.168.2.238.8.8.80xa23aStandard query (0)server.eye-network.ru. [malformed]256279false
                                                                                Dec 6, 2024 11:42:31.760915995 CET192.168.2.238.8.8.80xa23aStandard query (0)server.eye-network.ru. [malformed]256279false
                                                                                Dec 6, 2024 11:42:36.533364058 CET192.168.2.238.8.8.80xc60bStandard query (0)server.eye-network.ru. [malformed]256284false
                                                                                Dec 6, 2024 11:42:36.657557011 CET192.168.2.238.8.8.80xc60bStandard query (0)server.eye-network.ru. [malformed]256284false
                                                                                Dec 6, 2024 11:42:36.785393000 CET192.168.2.238.8.8.80xc60bStandard query (0)server.eye-network.ru. [malformed]256284false
                                                                                Dec 6, 2024 11:42:36.912185907 CET192.168.2.238.8.8.80xc60bStandard query (0)server.eye-network.ru. [malformed]256284false
                                                                                Dec 6, 2024 11:42:37.039158106 CET192.168.2.238.8.8.80xc60bStandard query (0)server.eye-network.ru. [malformed]256285false
                                                                                Dec 6, 2024 11:42:44.806884050 CET192.168.2.238.8.8.80x8c9eStandard query (0)server.eye-network.ru. [malformed]256292false
                                                                                Dec 6, 2024 11:42:44.935064077 CET192.168.2.238.8.8.80x8c9eStandard query (0)server.eye-network.ru. [malformed]256293false
                                                                                Dec 6, 2024 11:42:45.060328007 CET192.168.2.238.8.8.80x8c9eStandard query (0)server.eye-network.ru. [malformed]256293false
                                                                                Dec 6, 2024 11:42:45.184665918 CET192.168.2.238.8.8.80x8c9eStandard query (0)server.eye-network.ru. [malformed]256293false
                                                                                Dec 6, 2024 11:42:45.313565969 CET192.168.2.238.8.8.80x8c9eStandard query (0)server.eye-network.ru. [malformed]256293false
                                                                                Dec 6, 2024 11:42:47.075037956 CET192.168.2.238.8.8.80x286cStandard query (0)server.eye-network.ru. [malformed]256295false
                                                                                Dec 6, 2024 11:42:47.199093103 CET192.168.2.238.8.8.80x286cStandard query (0)server.eye-network.ru. [malformed]256295false
                                                                                Dec 6, 2024 11:42:47.324177980 CET192.168.2.238.8.8.80x286cStandard query (0)server.eye-network.ru. [malformed]256295false
                                                                                Dec 6, 2024 11:42:47.447789907 CET192.168.2.238.8.8.80x286cStandard query (0)server.eye-network.ru. [malformed]256295false
                                                                                Dec 6, 2024 11:42:47.572267056 CET192.168.2.238.8.8.80x286cStandard query (0)server.eye-network.ru. [malformed]256295false
                                                                                Dec 6, 2024 11:42:55.338377953 CET192.168.2.238.8.8.80x2730Standard query (0)server.eye-network.ru. [malformed]256303false
                                                                                Dec 6, 2024 11:42:55.469568968 CET192.168.2.238.8.8.80x2730Standard query (0)server.eye-network.ru. [malformed]256303false
                                                                                Dec 6, 2024 11:42:55.601377964 CET192.168.2.238.8.8.80x2730Standard query (0)server.eye-network.ru. [malformed]256303false
                                                                                Dec 6, 2024 11:42:55.732244968 CET192.168.2.238.8.8.80x2730Standard query (0)server.eye-network.ru. [malformed]256303false
                                                                                Dec 6, 2024 11:42:55.858483076 CET192.168.2.238.8.8.80x2730Standard query (0)server.eye-network.ru. [malformed]256303false
                                                                                Dec 6, 2024 11:42:59.861795902 CET192.168.2.238.8.8.80xdf55Standard query (0)server.eye-network.ru. [malformed]256307false
                                                                                Dec 6, 2024 11:42:59.985656977 CET192.168.2.238.8.8.80xdf55Standard query (0)server.eye-network.ru. [malformed]256308false
                                                                                Dec 6, 2024 11:43:00.110479116 CET192.168.2.238.8.8.80xdf55Standard query (0)server.eye-network.ru. [malformed]256308false
                                                                                Dec 6, 2024 11:43:00.234025002 CET192.168.2.238.8.8.80xdf55Standard query (0)server.eye-network.ru. [malformed]256308false
                                                                                Dec 6, 2024 11:43:00.357621908 CET192.168.2.238.8.8.80xdf55Standard query (0)server.eye-network.ru. [malformed]256308false
                                                                                Dec 6, 2024 11:43:08.129091978 CET192.168.2.238.8.8.80x3b0eStandard query (0)server.eye-network.ru. [malformed]256316false
                                                                                Dec 6, 2024 11:43:08.260967970 CET192.168.2.238.8.8.80x3b0eStandard query (0)server.eye-network.ru. [malformed]256316false
                                                                                Dec 6, 2024 11:43:08.392297983 CET192.168.2.238.8.8.80x3b0eStandard query (0)server.eye-network.ru. [malformed]256316false
                                                                                Dec 6, 2024 11:43:08.521418095 CET192.168.2.238.8.8.80x3b0eStandard query (0)server.eye-network.ru. [malformed]256316false
                                                                                Dec 6, 2024 11:43:08.653064013 CET192.168.2.238.8.8.80x3b0eStandard query (0)server.eye-network.ru. [malformed]256323false
                                                                                Dec 6, 2024 11:43:16.287096977 CET192.168.2.238.8.8.80xc81cStandard query (0)server.eye-network.ru. [malformed]256324false
                                                                                Dec 6, 2024 11:43:16.413857937 CET192.168.2.238.8.8.80xc81cStandard query (0)server.eye-network.ru. [malformed]256324false
                                                                                Dec 6, 2024 11:43:16.540352106 CET192.168.2.238.8.8.80xc81cStandard query (0)server.eye-network.ru. [malformed]256324false
                                                                                Dec 6, 2024 11:43:16.664799929 CET192.168.2.238.8.8.80xc81cStandard query (0)server.eye-network.ru. [malformed]256324false
                                                                                Dec 6, 2024 11:43:16.791244984 CET192.168.2.238.8.8.80xc81cStandard query (0)server.eye-network.ru. [malformed]256324false
                                                                                Dec 6, 2024 11:43:26.545772076 CET192.168.2.238.8.8.80x92fbStandard query (0)server.eye-network.ru. [malformed]256334false
                                                                                Dec 6, 2024 11:43:26.669753075 CET192.168.2.238.8.8.80x92fbStandard query (0)server.eye-network.ru. [malformed]256334false
                                                                                Dec 6, 2024 11:43:26.794538975 CET192.168.2.238.8.8.80x92fbStandard query (0)server.eye-network.ru. [malformed]256334false
                                                                                Dec 6, 2024 11:43:26.920977116 CET192.168.2.238.8.8.80x92fbStandard query (0)server.eye-network.ru. [malformed]256335false
                                                                                Dec 6, 2024 11:43:27.046037912 CET192.168.2.238.8.8.80x92fbStandard query (0)server.eye-network.ru. [malformed]256335false
                                                                                Dec 6, 2024 11:43:35.792119026 CET192.168.2.238.8.8.80xd110Standard query (0)server.eye-network.ru. [malformed]256343false
                                                                                Dec 6, 2024 11:43:35.922271967 CET192.168.2.238.8.8.80xd110Standard query (0)server.eye-network.ru. [malformed]256344false
                                                                                Dec 6, 2024 11:43:36.048384905 CET192.168.2.238.8.8.80xd110Standard query (0)server.eye-network.ru. [malformed]256344false
                                                                                Dec 6, 2024 11:43:36.435736895 CET192.168.2.238.8.8.80xd110Standard query (0)server.eye-network.ru. [malformed]256344false
                                                                                Dec 6, 2024 11:43:36.562366009 CET192.168.2.238.8.8.80xd110Standard query (0)server.eye-network.ru. [malformed]256344false
                                                                                Dec 6, 2024 11:43:47.317209959 CET192.168.2.238.8.8.80x152dStandard query (0)server.eye-network.ru. [malformed]256355false
                                                                                Dec 6, 2024 11:43:47.445158958 CET192.168.2.238.8.8.80x152dStandard query (0)server.eye-network.ru. [malformed]256355false
                                                                                Dec 6, 2024 11:43:47.571641922 CET192.168.2.238.8.8.80x152dStandard query (0)server.eye-network.ru. [malformed]256355false
                                                                                Dec 6, 2024 11:43:47.695594072 CET192.168.2.238.8.8.80x152dStandard query (0)server.eye-network.ru. [malformed]256355false
                                                                                Dec 6, 2024 11:43:47.821096897 CET192.168.2.238.8.8.80x152dStandard query (0)server.eye-network.ru. [malformed]256355false
                                                                                Dec 6, 2024 11:43:51.569596052 CET192.168.2.238.8.8.80xa6cdStandard query (0)server.eye-network.ru. [malformed]256359false
                                                                                Dec 6, 2024 11:43:51.697551966 CET192.168.2.238.8.8.80xa6cdStandard query (0)server.eye-network.ru. [malformed]256359false
                                                                                Dec 6, 2024 11:43:51.821526051 CET192.168.2.238.8.8.80xa6cdStandard query (0)server.eye-network.ru. [malformed]256359false
                                                                                Dec 6, 2024 11:43:51.946742058 CET192.168.2.238.8.8.80xa6cdStandard query (0)server.eye-network.ru. [malformed]256360false
                                                                                Dec 6, 2024 11:43:52.072871923 CET192.168.2.238.8.8.80xa6cdStandard query (0)server.eye-network.ru. [malformed]256360false
                                                                                Dec 6, 2024 11:43:53.825103045 CET192.168.2.238.8.8.80x89bStandard query (0)server.eye-network.ru. [malformed]256361false
                                                                                Dec 6, 2024 11:43:53.954715967 CET192.168.2.238.8.8.80x89bStandard query (0)server.eye-network.ru. [malformed]256362false
                                                                                Dec 6, 2024 11:43:54.079005957 CET192.168.2.238.8.8.80x89bStandard query (0)server.eye-network.ru. [malformed]256362false
                                                                                Dec 6, 2024 11:43:54.203217030 CET192.168.2.238.8.8.80x89bStandard query (0)server.eye-network.ru. [malformed]256362false
                                                                                Dec 6, 2024 11:43:54.328021049 CET192.168.2.238.8.8.80x89bStandard query (0)server.eye-network.ru. [malformed]256362false
                                                                                Dec 6, 2024 11:43:58.074851990 CET192.168.2.238.8.8.80x3dddStandard query (0)server.eye-network.ru. [malformed]256366false
                                                                                Dec 6, 2024 11:43:58.199079990 CET192.168.2.238.8.8.80x3dddStandard query (0)server.eye-network.ru. [malformed]256366false
                                                                                Dec 6, 2024 11:43:58.325743914 CET192.168.2.238.8.8.80x3dddStandard query (0)server.eye-network.ru. [malformed]256366false
                                                                                Dec 6, 2024 11:43:58.451759100 CET192.168.2.238.8.8.80x3dddStandard query (0)server.eye-network.ru. [malformed]256366false
                                                                                Dec 6, 2024 11:43:58.580925941 CET192.168.2.238.8.8.80x3dddStandard query (0)server.eye-network.ru. [malformed]256366false
                                                                                Dec 6, 2024 11:44:03.328535080 CET192.168.2.238.8.8.80xc6b9Standard query (0)server.eye-network.ru. [malformed]256371false
                                                                                Dec 6, 2024 11:44:03.454847097 CET192.168.2.238.8.8.80xc6b9Standard query (0)server.eye-network.ru. [malformed]256371false
                                                                                Dec 6, 2024 11:44:03.580219984 CET192.168.2.238.8.8.80xc6b9Standard query (0)server.eye-network.ru. [malformed]256371false
                                                                                Dec 6, 2024 11:44:03.705655098 CET192.168.2.238.8.8.80xc6b9Standard query (0)server.eye-network.ru. [malformed]256371false
                                                                                Dec 6, 2024 11:44:03.830590963 CET192.168.2.238.8.8.80xc6b9Standard query (0)server.eye-network.ru. [malformed]256371false
                                                                                Dec 6, 2024 11:44:12.594402075 CET192.168.2.238.8.8.80x9085Standard query (0)server.eye-network.ru. [malformed]256380false
                                                                                Dec 6, 2024 11:44:12.718400955 CET192.168.2.238.8.8.80x9085Standard query (0)server.eye-network.ru. [malformed]256380false
                                                                                Dec 6, 2024 11:44:12.843369961 CET192.168.2.238.8.8.80x9085Standard query (0)server.eye-network.ru. [malformed]256380false
                                                                                Dec 6, 2024 11:44:12.967240095 CET192.168.2.238.8.8.80x9085Standard query (0)server.eye-network.ru. [malformed]256381false
                                                                                Dec 6, 2024 11:44:13.091172934 CET192.168.2.238.8.8.80x9085Standard query (0)server.eye-network.ru. [malformed]256381false
                                                                                Dec 6, 2024 11:44:19.853682995 CET192.168.2.238.8.8.80x64d3Standard query (0)server.eye-network.ru. [malformed]256387false
                                                                                Dec 6, 2024 11:44:19.978923082 CET192.168.2.238.8.8.80x64d3Standard query (0)server.eye-network.ru. [malformed]256388false
                                                                                Dec 6, 2024 11:44:20.103805065 CET192.168.2.238.8.8.80x64d3Standard query (0)server.eye-network.ru. [malformed]256388false
                                                                                Dec 6, 2024 11:44:20.227869987 CET192.168.2.238.8.8.80x64d3Standard query (0)server.eye-network.ru. [malformed]256388false
                                                                                Dec 6, 2024 11:44:20.352771997 CET192.168.2.238.8.8.80x64d3Standard query (0)server.eye-network.ru. [malformed]256388false
                                                                                Dec 6, 2024 11:44:31.119149923 CET192.168.2.238.8.8.80x63bStandard query (0)server.eye-network.ru. [malformed]256399false
                                                                                Dec 6, 2024 11:44:31.249419928 CET192.168.2.238.8.8.80x63bStandard query (0)server.eye-network.ru. [malformed]256399false
                                                                                Dec 6, 2024 11:44:31.373936892 CET192.168.2.238.8.8.80x63bStandard query (0)server.eye-network.ru. [malformed]256399false
                                                                                Dec 6, 2024 11:44:31.500269890 CET192.168.2.238.8.8.80x63bStandard query (0)server.eye-network.ru. [malformed]256399false
                                                                                Dec 6, 2024 11:44:31.625190973 CET192.168.2.238.8.8.80x63bStandard query (0)server.eye-network.ru. [malformed]256399false

                                                                                DNS Answers

                                                                                TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                Dec 6, 2024 11:42:03.192003965 CET8.8.8.8192.168.2.230xc2b0Name error (3)server.eye-network.runonenoneA (IP address)IN (0x0001)false
                                                                                Dec 6, 2024 11:42:03.317157030 CET8.8.8.8192.168.2.230xc2b0Name error (3)server.eye-network.runonenoneA (IP address)IN (0x0001)false
                                                                                Dec 6, 2024 11:42:03.442545891 CET8.8.8.8192.168.2.230xc2b0Name error (3)server.eye-network.runonenoneA (IP address)IN (0x0001)false
                                                                                Dec 6, 2024 11:42:03.566327095 CET8.8.8.8192.168.2.230xc2b0Name error (3)server.eye-network.runonenoneA (IP address)IN (0x0001)false
                                                                                Dec 6, 2024 11:42:03.690802097 CET8.8.8.8192.168.2.230xc2b0Name error (3)server.eye-network.runonenoneA (IP address)IN (0x0001)false
                                                                                Dec 6, 2024 11:42:07.279148102 CET1.1.1.1192.168.2.230x5275No error (0)daisy.ubuntu.com162.213.35.24A (IP address)IN (0x0001)false
                                                                                Dec 6, 2024 11:42:07.279148102 CET1.1.1.1192.168.2.230x5275No error (0)daisy.ubuntu.com162.213.35.25A (IP address)IN (0x0001)false

                                                                                HTTP Request Dependency Graph

                                                                                • daisy.ubuntu.com

                                                                                HTTPS Proxied Packets

                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                0192.168.2.2353116162.213.35.25443
                                                                                TimestampBytes transferredDirectionData
                                                                                2024-12-06 10:42:14 UTC307OUTPOST /9aadafe2051348cd32033e1cad68f0a5fe46fba3240ac1e6e42158f31b8a1371790c09baf3996b4979fe8e533446c7dedf30f654c68b25357334c66911dc6a9e HTTP/1.1
                                                                                Host: daisy.ubuntu.com
                                                                                Accept: */*
                                                                                Content-Type: application/octet-stream
                                                                                X-Whoopsie-Version: 0.2.69ubuntu0.3
                                                                                Content-Length: 164887
                                                                                Expect: 100-continue
                                                                                2024-12-06 10:42:14 UTC25INHTTP/1.1 100 Continue
                                                                                2024-12-06 10:42:14 UTC16384OUTData Raw: 17 84 02 00 02 50 72 6f 63 45 6e 76 69 72 6f 6e 00 4e 00 00 00 50 41 54 48 3d 28 63 75 73 74 6f 6d 2c 20 6e 6f 20 75 73 65 72 29 0a 58 44 47 5f 52 55 4e 54 49 4d 45 5f 44 49 52 3d 3c 73 65 74 3e 0a 4c 41 4e 47 3d 65 6e 5f 55 53 2e 55 54 46 2d 38 0a 53 48 45 4c 4c 3d 2f 62 69 6e 2f 62 61 73 68 00 02 5f 4c 6f 67 69 6e 64 53 65 73 73 69 6f 6e 00 02 00 00 00 35 00 02 44 61 74 65 00 19 00 00 00 54 75 65 20 41 75 67 20 31 37 20 32 30 3a 31 38 3a 30 34 20 32 30 32 31 00 02 53 6f 75 72 63 65 50 61 63 6b 61 67 65 00 0d 00 00 00 6c 69 67 68 74 2d 6c 6f 63 6b 65 72 00 02 50 61 63 6b 61 67 65 41 72 63 68 69 74 65 63 74 75 72 65 00 06 00 00 00 61 6d 64 36 34 00 02 41 72 63 68 69 74 65 63 74 75 72 65 00 06 00 00 00 61 6d 64 36 34 00 02 44 69 73 74 72 6f 52 65 6c 65 61
                                                                                Data Ascii: ProcEnvironNPATH=(custom, no user)XDG_RUNTIME_DIR=<set>LANG=en_US.UTF-8SHELL=/bin/bash_LogindSession5DateTue Aug 17 20:18:04 2021SourcePackagelight-lockerPackageArchitectureamd64Architectureamd64DistroRelea
                                                                                2024-12-06 10:42:14 UTC16384OUTData Raw: 74 75 34 2e 31 0a 6c 69 62 70 61 6d 2d 72 75 6e 74 69 6d 65 20 31 2e 33 2e 31 2d 35 75 62 75 6e 74 75 34 2e 31 0a 6c 69 62 70 61 6d 2d 73 79 73 74 65 6d 64 20 32 34 35 2e 34 2d 34 75 62 75 6e 74 75 33 2e 31 31 0a 6c 69 62 70 61 6d 30 67 20 31 2e 33 2e 31 2d 35 75 62 75 6e 74 75 34 2e 31 0a 6c 69 62 70 61 6e 67 6f 2d 31 2e 30 2d 30 20 31 2e 34 34 2e 37 2d 32 75 62 75 6e 74 75 34 0a 6c 69 62 70 61 6e 67 6f 63 61 69 72 6f 2d 31 2e 30 2d 30 20 31 2e 34 34 2e 37 2d 32 75 62 75 6e 74 75 34 0a 6c 69 62 70 61 6e 67 6f 66 74 32 2d 31 2e 30 2d 30 20 31 2e 34 34 2e 37 2d 32 75 62 75 6e 74 75 34 0a 6c 69 62 70 61 6e 67 6f 78 66 74 2d 31 2e 30 2d 30 20 31 2e 34 34 2e 37 2d 32 75 62 75 6e 74 75 34 0a 6c 69 62 70 61 70 65 72 2d 75 74 69 6c 73 20 31 2e 31 2e 32 38 0a 6c
                                                                                Data Ascii: tu4.1libpam-runtime 1.3.1-5ubuntu4.1libpam-systemd 245.4-4ubuntu3.11libpam0g 1.3.1-5ubuntu4.1libpango-1.0-0 1.44.7-2ubuntu4libpangocairo-1.0-0 1.44.7-2ubuntu4libpangoft2-1.0-0 1.44.7-2ubuntu4libpangoxft-1.0-0 1.44.7-2ubuntu4libpaper-utils 1.1.28l
                                                                                2024-12-06 10:42:14 UTC16384OUTData Raw: 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 67 73 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 30 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 31 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 32 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 33 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 34 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 35 20
                                                                                Data Ascii: 0x0 0gs 0x0 0k0 0x0 0k1 0x0 0k2 0x0 0k3 0x0 0k4 0x0 0k5
                                                                                2024-12-06 10:42:14 UTC16384OUTData Raw: 20 20 20 20 20 20 20 20 20 2f 75 73 72 2f 6c 69 62 2f 78 38 36 5f 36 34 2d 6c 69 6e 75 78 2d 67 6e 75 2f 6c 69 62 78 63 62 2d 72 65 6e 64 65 72 2e 73 6f 2e 30 2e 30 2e 30 0a 37 66 37 39 31 63 30 37 34 30 30 30 2d 37 66 37 39 31 63 30 37 35 30 30 30 20 2d 2d 2d 70 20 30 30 30 30 63 30 30 30 20 66 64 3a 30 30 20 38 30 36 32 36 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2f 75 73 72 2f 6c 69 62 2f 78 38 36 5f 36 34 2d 6c 69 6e 75 78 2d 67 6e 75 2f 6c 69 62 78 63 62 2d 72 65 6e 64 65 72 2e 73 6f 2e 30 2e 30 2e 30 0a 37 66 37 39 31 63 30 37 35 30 30 30 2d 37 66 37 39 31 63 30 37 36 30 30 30 20 72 2d 2d 70 20 30 30 30 30 63 30 30 30 20 66 64 3a 30 30 20 38 30 36 32 36 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2f 75
                                                                                Data Ascii: /usr/lib/x86_64-linux-gnu/libxcb-render.so.0.0.07f791c074000-7f791c075000 ---p 0000c000 fd:00 806260 /usr/lib/x86_64-linux-gnu/libxcb-render.so.0.0.07f791c075000-7f791c076000 r--p 0000c000 fd:00 806260 /u
                                                                                2024-12-06 10:42:14 UTC16384OUTData Raw: 6e 75 78 2d 67 6e 75 2f 6c 69 62 67 64 6b 5f 70 69 78 62 75 66 2d 32 2e 30 2e 73 6f 2e 30 2e 34 30 30 30 2e 30 0a 37 66 37 39 31 63 37 37 33 30 30 30 2d 37 66 37 39 31 63 37 37 34 30 30 30 20 72 77 2d 70 20 30 30 30 32 36 30 30 30 20 66 64 3a 30 30 20 38 30 36 32 34 35 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2f 75 73 72 2f 6c 69 62 2f 78 38 36 5f 36 34 2d 6c 69 6e 75 78 2d 67 6e 75 2f 6c 69 62 67 64 6b 5f 70 69 78 62 75 66 2d 32 2e 30 2e 73 6f 2e 30 2e 34 30 30 30 2e 30 0a 37 66 37 39 31 63 37 37 34 30 30 30 2d 37 66 37 39 31 63 37 37 38 30 30 30 20 72 2d 2d 70 20 30 30 30 30 30 30 30 30 20 66 64 3a 30 30 20 38 30 36 32 36 38 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2f 75 73 72 2f 6c 69 62 2f 78 38 36 5f 36 34
                                                                                Data Ascii: nux-gnu/libgdk_pixbuf-2.0.so.0.4000.07f791c773000-7f791c774000 rw-p 00026000 fd:00 806245 /usr/lib/x86_64-linux-gnu/libgdk_pixbuf-2.0.so.0.4000.07f791c774000-7f791c778000 r--p 00000000 fd:00 806268 /usr/lib/x86_64
                                                                                2024-12-06 10:42:14 UTC16384OUTData Raw: 20 70 6c 61 74 66 6f 72 6d 20 65 69 73 61 2e 30 3a 20 43 61 6e 6e 6f 74 20 61 6c 6c 6f 63 61 74 65 20 72 65 73 6f 75 72 63 65 20 66 6f 72 20 45 49 53 41 20 73 6c 6f 74 20 37 0a 41 75 67 20 31 37 20 32 30 3a 32 34 3a 34 36 20 67 61 6c 61 73 73 69 61 20 6b 65 72 6e 65 6c 3a 20 70 6c 61 74 66 6f 72 6d 20 65 69 73 61 2e 30 3a 20 43 61 6e 6e 6f 74 20 61 6c 6c 6f 63 61 74 65 20 72 65 73 6f 75 72 63 65 20 66 6f 72 20 45 49 53 41 20 73 6c 6f 74 20 38 0a 41 75 67 20 31 37 20 32 30 3a 32 34 3a 34 36 20 67 61 6c 61 73 73 69 61 20 6b 65 72 6e 65 6c 3a 20 73 64 20 33 32 3a 30 3a 30 3a 30 3a 20 5b 73 64 61 5d 20 41 73 73 75 6d 69 6e 67 20 64 72 69 76 65 20 63 61 63 68 65 3a 20 77 72 69 74 65 20 74 68 72 6f 75 67 68 0a 41 75 67 20 31 37 20 32 30 3a 32 34 3a 34 37 20 67
                                                                                Data Ascii: platform eisa.0: Cannot allocate resource for EISA slot 7Aug 17 20:24:46 galassia kernel: platform eisa.0: Cannot allocate resource for EISA slot 8Aug 17 20:24:46 galassia kernel: sd 32:0:0:0: [sda] Assuming drive cache: write throughAug 17 20:24:47 g
                                                                                2024-12-06 10:42:14 UTC16384OUTData Raw: 35 35 31 5d 3a 20 28 49 49 29 20 4c 6f 61 64 4d 6f 64 75 6c 65 3a 20 22 66 62 64 65 76 68 77 22 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 34 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 49 49 29 20 4c 6f 61 64 69 6e 67 20 2f 75 73 72 2f 6c 69 62 2f 78 6f 72 67 2f 6d 6f 64 75 6c 65 73 2f 6c 69 62 66 62 64 65 76 68 77 2e 73 6f 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 34 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 49 49 29 20 4d 6f 64 75 6c 65 20 66 62 64 65 76 68 77 3a 20 76 65 6e 64 6f 72 3d 22 58 2e 4f 72 67 20 46 6f 75 6e 64 61 74 69 6f 6e 22 0a 41 75 67 20 31 37
                                                                                Data Ascii: 551]: (II) LoadModule: "fbdevhw"Aug 17 20:25:04 galassia /usr/lib/gdm3/gdm-x-session[1551]: (II) Loading /usr/lib/xorg/modules/libfbdevhw.soAug 17 20:25:04 galassia /usr/lib/gdm3/gdm-x-session[1551]: (II) Module fbdevhw: vendor="X.Org Foundation"Aug 17
                                                                                2024-12-06 10:42:14 UTC16384OUTData Raw: 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 49 49 29 20 76 6d 77 61 72 65 28 30 29 3a 20 4e 6f 74 20 75 73 69 6e 67 20 64 65 66 61 75 6c 74 20 6d 6f 64 65 20 22 31 39 32 30 78 31 32 30 30 22 20 28 69 6e 73 75 66 66 69 63 69 65 6e 74 20 6d 65 6d 6f 72 79 20 66 6f 72 20 6d 6f 64 65 29 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 35 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 49 49 29 20 76 6d 77 61 72 65 28 30 29 3a 20 4e 6f 74 20 75 73 69 6e 67 20 64 65 66 61 75 6c 74 20 6d 6f 64 65 20 22 39 36 30 78 36 30 30 22 20 28 62 61 64 20 6d 6f 64 65 20 63 6c 6f 63 6b 2f 69 6e 74 65 72 6c 61 63 65 2f 64 6f 75 62 6c 65 73
                                                                                Data Ascii: /lib/gdm3/gdm-x-session[1551]: (II) vmware(0): Not using default mode "1920x1200" (insufficient memory for mode)Aug 17 20:25:05 galassia /usr/lib/gdm3/gdm-x-session[1551]: (II) vmware(0): Not using default mode "960x600" (bad mode clock/interlace/doubles
                                                                                2024-12-06 10:42:14 UTC16384OUTData Raw: 20 31 33 33 36 20 31 35 32 30 20 20 38 36 34 20 38 36 35 20 38 36 38 20 38 39 35 20 2d 68 73 79 6e 63 20 2b 76 73 79 6e 63 20 28 35 33 2e 37 20 6b 48 7a 20 64 29 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 35 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 2a 2a 29 20 76 6d 77 61 72 65 28 30 29 3a 20 20 44 65 66 61 75 6c 74 20 6d 6f 64 65 20 22 31 30 32 34 78 37 36 38 22 3a 20 39 34 2e 35 20 4d 48 7a 2c 20 36 38 2e 37 20 6b 48 7a 2c 20 38 35 2e 30 20 48 7a 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 35 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 49 49 29 20 76 6d 77 61 72
                                                                                Data Ascii: 1336 1520 864 865 868 895 -hsync +vsync (53.7 kHz d)Aug 17 20:25:05 galassia /usr/lib/gdm3/gdm-x-session[1551]: (**) vmware(0): Default mode "1024x768": 94.5 MHz, 68.7 kHz, 85.0 HzAug 17 20:25:05 galassia /usr/lib/gdm3/gdm-x-session[1551]: (II) vmwar
                                                                                2024-12-06 10:42:14 UTC16384OUTData Raw: 65 64 20 53 65 74 20 32 20 6b 65 79 62 6f 61 72 64 3a 20 61 6c 77 61 79 73 20 72 65 70 6f 72 74 73 20 63 6f 72 65 20 65 76 65 6e 74 73 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 35 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 2a 2a 29 20 4f 70 74 69 6f 6e 20 22 44 65 76 69 63 65 22 20 22 2f 64 65 76 2f 69 6e 70 75 74 2f 65 76 65 6e 74 31 22 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 35 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 2a 2a 29 20 4f 70 74 69 6f 6e 20 22 5f 73 6f 75 72 63 65 22 20 22 73 65 72 76 65 72 2f 75 64 65 76 22 0a 41 75 67 20 31 37 20 32 30 3a 32 35
                                                                                Data Ascii: ed Set 2 keyboard: always reports core eventsAug 17 20:25:05 galassia /usr/lib/gdm3/gdm-x-session[1551]: (**) Option "Device" "/dev/input/event1"Aug 17 20:25:05 galassia /usr/lib/gdm3/gdm-x-session[1551]: (**) Option "_source" "server/udev"Aug 17 20:25
                                                                                2024-12-06 10:42:15 UTC279INHTTP/1.1 400 Bad Request
                                                                                Date: Fri, 06 Dec 2024 10:42:15 GMT
                                                                                Server: gunicorn/19.7.1
                                                                                X-Daisy-Revision-Number: 979
                                                                                X-Oops-Repository-Version: 0.0.0
                                                                                Strict-Transport-Security: max-age=2592000
                                                                                Connection: close
                                                                                Transfer-Encoding: chunked
                                                                                17
                                                                                Crash already reported.
                                                                                0


                                                                                System Behavior

                                                                                General

                                                                                Start time (UTC):10:42:01
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/dash
                                                                                Arguments:-
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:01
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/rm
                                                                                Arguments:rm -f /tmp/tmp.f8NtUib4dg /tmp/tmp.QwVtZeApeT /tmp/tmp.ExO63KUjCm
                                                                                File size:72056 bytes
                                                                                MD5 hash:aa2b5496fdbfd88e38791ab81f90b95b

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:01
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/dash
                                                                                Arguments:-
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:01
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/rm
                                                                                Arguments:rm -f /tmp/tmp.f8NtUib4dg /tmp/tmp.QwVtZeApeT /tmp/tmp.ExO63KUjCm
                                                                                File size:72056 bytes
                                                                                MD5 hash:aa2b5496fdbfd88e38791ab81f90b95b

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:02
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/tmp/Aqua.arm5.elf
                                                                                Arguments:/tmp/Aqua.arm5.elf
                                                                                File size:4956856 bytes
                                                                                MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:02
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/tmp/Aqua.arm5.elf
                                                                                Arguments:-
                                                                                File size:4956856 bytes
                                                                                MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:02
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/tmp/Aqua.arm5.elf
                                                                                Arguments:-
                                                                                File size:4956856 bytes
                                                                                MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:02
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/libexec/gnome-session-binary
                                                                                Arguments:-
                                                                                File size:334664 bytes
                                                                                MD5 hash:d9b90be4f7db60cb3c2d3da6a1d31bfb

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:02
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/sh
                                                                                Arguments:/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-rfkill
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:03
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/libexec/gsd-rfkill
                                                                                Arguments:/usr/libexec/gsd-rfkill
                                                                                File size:51808 bytes
                                                                                MD5 hash:88a16a3c0aba1759358c06215ecfb5cc

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:03
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:03
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/lib/systemd/systemd-hostnamed
                                                                                Arguments:/lib/systemd/systemd-hostnamed
                                                                                File size:35040 bytes
                                                                                MD5 hash:2cc8a5576629a2d5bd98e49a4b8bef65

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:03
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/sbin/gdm3
                                                                                Arguments:-
                                                                                File size:453296 bytes
                                                                                MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:03
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/etc/gdm3/PrimeOff/Default
                                                                                Arguments:/etc/gdm3/PrimeOff/Default
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:03
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/sbin/gdm3
                                                                                Arguments:-
                                                                                File size:453296 bytes
                                                                                MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:03
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/etc/gdm3/PrimeOff/Default
                                                                                Arguments:/etc/gdm3/PrimeOff/Default
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:05
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/sbin/gdm3
                                                                                Arguments:-
                                                                                File size:453296 bytes
                                                                                MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:05
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/etc/gdm3/PrimeOff/Default
                                                                                Arguments:/etc/gdm3/PrimeOff/Default
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:05
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:05
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/dbus-daemon
                                                                                Arguments:/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
                                                                                File size:249032 bytes
                                                                                MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:05
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:05
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/pulseaudio
                                                                                Arguments:/usr/bin/pulseaudio --daemonize=no --log-target=journal
                                                                                File size:100832 bytes
                                                                                MD5 hash:0c3b4c789d8ffb12b25507f27e14c186

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:05
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:05
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/sbin/rsyslogd
                                                                                Arguments:/usr/sbin/rsyslogd -n -iNONE
                                                                                File size:727248 bytes
                                                                                MD5 hash:0b8087fc907c42eb3c81a691db258e33

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:06
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:06
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/libexec/rtkit-daemon
                                                                                Arguments:/usr/libexec/rtkit-daemon
                                                                                File size:68096 bytes
                                                                                MD5 hash:df0cacf1db4ec95ac70f5b6e06b8ffd7

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:06
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:06
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/lib/systemd/systemd-logind
                                                                                Arguments:/lib/systemd/systemd-logind
                                                                                File size:268576 bytes
                                                                                MD5 hash:8dd58a1b4c12f7a1d5fe3ce18b2aaeef

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:06
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:06
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/policykit-1/polkitd
                                                                                Arguments:/usr/lib/policykit-1/polkitd --no-debug
                                                                                File size:121504 bytes
                                                                                MD5 hash:8efc9b4b5b524210ad2ea1954a9d0e69

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:06
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/libexec/gvfsd-fuse
                                                                                Arguments:-
                                                                                File size:47632 bytes
                                                                                MD5 hash:d18fbf1cbf8eb57b17fac48b7b4be933

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:06
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/fusermount
                                                                                Arguments:fusermount -u -q -z -- /run/user/1000/gvfs
                                                                                File size:39144 bytes
                                                                                MD5 hash:576a1b135c82bdcbc97a91acea900566

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:06
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:06
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/gpu-manager
                                                                                Arguments:/usr/bin/gpu-manager --log /var/log/gpu-manager.log
                                                                                File size:76616 bytes
                                                                                MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:07
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/gpu-manager
                                                                                Arguments:-
                                                                                File size:76616 bytes
                                                                                MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:07
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/sh
                                                                                Arguments:sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf"
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:07
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/sh
                                                                                Arguments:-
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:07
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/grep
                                                                                Arguments:grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
                                                                                File size:199136 bytes
                                                                                MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:08
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/gpu-manager
                                                                                Arguments:-
                                                                                File size:76616 bytes
                                                                                MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:08
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/sh
                                                                                Arguments:sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /lib/modprobe.d/*.conf"
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:08
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/sh
                                                                                Arguments:-
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:08
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/grep
                                                                                Arguments:grep -G ^blacklist.*nvidia[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
                                                                                File size:199136 bytes
                                                                                MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:08
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/gpu-manager
                                                                                Arguments:-
                                                                                File size:76616 bytes
                                                                                MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:08
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/sh
                                                                                Arguments:sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /etc/modprobe.d/*.conf"
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:08
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/sh
                                                                                Arguments:-
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:08
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/grep
                                                                                Arguments:grep -G ^blacklist.*radeon[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
                                                                                File size:199136 bytes
                                                                                MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:08
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/gpu-manager
                                                                                Arguments:-
                                                                                File size:76616 bytes
                                                                                MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:08
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/sh
                                                                                Arguments:sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /lib/modprobe.d/*.conf"
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:08
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/sh
                                                                                Arguments:-
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:08
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/grep
                                                                                Arguments:grep -G ^blacklist.*radeon[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
                                                                                File size:199136 bytes
                                                                                MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:09
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/gpu-manager
                                                                                Arguments:-
                                                                                File size:76616 bytes
                                                                                MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:09
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/sh
                                                                                Arguments:sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /etc/modprobe.d/*.conf"
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:09
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/sh
                                                                                Arguments:-
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:09
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/grep
                                                                                Arguments:grep -G ^blacklist.*amdgpu[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
                                                                                File size:199136 bytes
                                                                                MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:09
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/gpu-manager
                                                                                Arguments:-
                                                                                File size:76616 bytes
                                                                                MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:09
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/sh
                                                                                Arguments:sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /lib/modprobe.d/*.conf"
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:09
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/sh
                                                                                Arguments:-
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:09
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/grep
                                                                                Arguments:grep -G ^blacklist.*amdgpu[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
                                                                                File size:199136 bytes
                                                                                MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:09
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/gpu-manager
                                                                                Arguments:-
                                                                                File size:76616 bytes
                                                                                MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:09
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/sh
                                                                                Arguments:sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /etc/modprobe.d/*.conf"
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:09
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/sh
                                                                                Arguments:-
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:09
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/grep
                                                                                Arguments:grep -G ^blacklist.*nouveau[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
                                                                                File size:199136 bytes
                                                                                MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:10
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/gpu-manager
                                                                                Arguments:-
                                                                                File size:76616 bytes
                                                                                MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:10
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/sh
                                                                                Arguments:sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /lib/modprobe.d/*.conf"
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:10
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/sh
                                                                                Arguments:-
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:10
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/grep
                                                                                Arguments:grep -G ^blacklist.*nouveau[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
                                                                                File size:199136 bytes
                                                                                MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:07
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:07
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/dbus-daemon
                                                                                Arguments:/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
                                                                                File size:249032 bytes
                                                                                MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:07
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:07
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/sbin/rsyslogd
                                                                                Arguments:/usr/sbin/rsyslogd -n -iNONE
                                                                                File size:727248 bytes
                                                                                MD5 hash:0b8087fc907c42eb3c81a691db258e33

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:14
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:14
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/sbin/agetty
                                                                                Arguments:/sbin/agetty -o "-p -- \\u" --noclear tty2 linux
                                                                                File size:69000 bytes
                                                                                MD5 hash:3a374724ba7e863768139bdd60ca36f7

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:11
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:11
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/share/gdm/generate-config
                                                                                Arguments:/usr/share/gdm/generate-config
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:11
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/share/gdm/generate-config
                                                                                Arguments:-
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:11
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/pkill
                                                                                Arguments:pkill --signal HUP --uid gdm dconf-service
                                                                                File size:30968 bytes
                                                                                MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:12
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:12
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/gdm3/gdm-wait-for-drm
                                                                                Arguments:/usr/lib/gdm3/gdm-wait-for-drm
                                                                                File size:14640 bytes
                                                                                MD5 hash:82043ba752c6930b4e6aaea2f7747545

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:19
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:19
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/dbus-daemon
                                                                                Arguments:/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
                                                                                File size:249032 bytes
                                                                                MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:19
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:19
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/sbin/rsyslogd
                                                                                Arguments:/usr/sbin/rsyslogd -n -iNONE
                                                                                File size:727248 bytes
                                                                                MD5 hash:0b8087fc907c42eb3c81a691db258e33

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:23
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:23
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/sbin/agetty
                                                                                Arguments:/sbin/agetty -o "-p -- \\u" --noclear tty2 linux
                                                                                File size:69000 bytes
                                                                                MD5 hash:3a374724ba7e863768139bdd60ca36f7

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:20
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:20
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/lib/systemd/systemd-logind
                                                                                Arguments:/lib/systemd/systemd-logind
                                                                                File size:268576 bytes
                                                                                MD5 hash:8dd58a1b4c12f7a1d5fe3ce18b2aaeef

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:22
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:22
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/sbin/gdm3
                                                                                Arguments:/usr/sbin/gdm3
                                                                                File size:453296 bytes
                                                                                MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:23
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/sbin/gdm3
                                                                                Arguments:-
                                                                                File size:453296 bytes
                                                                                MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:23
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/plymouth
                                                                                Arguments:plymouth --ping
                                                                                File size:51352 bytes
                                                                                MD5 hash:87003efd8dad470042f5e75360a8f49f

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:24
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/sbin/gdm3
                                                                                Arguments:-
                                                                                File size:453296 bytes
                                                                                MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:24
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/gdm3/gdm-session-worker
                                                                                Arguments:"gdm-session-worker [pam/gdm-launch-environment]"
                                                                                File size:293360 bytes
                                                                                MD5 hash:692243754bd9f38fe9bd7e230b5c060a

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:26
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/gdm3/gdm-session-worker
                                                                                Arguments:-
                                                                                File size:293360 bytes
                                                                                MD5 hash:692243754bd9f38fe9bd7e230b5c060a

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:26
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/gdm3/gdm-wayland-session
                                                                                Arguments:/usr/lib/gdm3/gdm-wayland-session "dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart"
                                                                                File size:76368 bytes
                                                                                MD5 hash:d3def63cf1e83f7fb8a0f13b1744ff7c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:26
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/gdm3/gdm-wayland-session
                                                                                Arguments:-
                                                                                File size:76368 bytes
                                                                                MD5 hash:d3def63cf1e83f7fb8a0f13b1744ff7c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:26
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/dbus-daemon
                                                                                Arguments:dbus-daemon --print-address 3 --session
                                                                                File size:249032 bytes
                                                                                MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:26
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/dbus-daemon
                                                                                Arguments:-
                                                                                File size:249032 bytes
                                                                                MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:26
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/dbus-daemon
                                                                                Arguments:-
                                                                                File size:249032 bytes
                                                                                MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:26
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/false
                                                                                Arguments:/bin/false
                                                                                File size:39256 bytes
                                                                                MD5 hash:3177546c74e4f0062909eae43d948bfc

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:26
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/gdm3/gdm-wayland-session
                                                                                Arguments:-
                                                                                File size:76368 bytes
                                                                                MD5 hash:d3def63cf1e83f7fb8a0f13b1744ff7c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:26
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/dbus-run-session
                                                                                Arguments:dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart
                                                                                File size:14480 bytes
                                                                                MD5 hash:245f3ef6a268850b33b0225a8753b7f4

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:27
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/dbus-run-session
                                                                                Arguments:-
                                                                                File size:14480 bytes
                                                                                MD5 hash:245f3ef6a268850b33b0225a8753b7f4

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:27
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/dbus-daemon
                                                                                Arguments:dbus-daemon --nofork --print-address 4 --session
                                                                                File size:249032 bytes
                                                                                MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:27
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/sbin/gdm3
                                                                                Arguments:-
                                                                                File size:453296 bytes
                                                                                MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:27
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/etc/gdm3/PrimeOff/Default
                                                                                Arguments:/etc/gdm3/PrimeOff/Default
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:27
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/sbin/gdm3
                                                                                Arguments:-
                                                                                File size:453296 bytes
                                                                                MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:27
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/etc/gdm3/PrimeOff/Default
                                                                                Arguments:/etc/gdm3/PrimeOff/Default
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:23
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:23
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/accountsservice/accounts-daemon
                                                                                Arguments:/usr/lib/accountsservice/accounts-daemon
                                                                                File size:203192 bytes
                                                                                MD5 hash:01a899e3fb5e7e434bea1290255a1f30

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:23
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/accountsservice/accounts-daemon
                                                                                Arguments:-
                                                                                File size:203192 bytes
                                                                                MD5 hash:01a899e3fb5e7e434bea1290255a1f30

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:23
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/share/language-tools/language-validate
                                                                                Arguments:/usr/share/language-tools/language-validate en_US.UTF-8
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:23
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/share/language-tools/language-validate
                                                                                Arguments:-
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:23
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/share/language-tools/language-options
                                                                                Arguments:/usr/share/language-tools/language-options
                                                                                File size:3478464 bytes
                                                                                MD5 hash:16a21f464119ea7fad1d3660de963637

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:23
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/share/language-tools/language-options
                                                                                Arguments:-
                                                                                File size:3478464 bytes
                                                                                MD5 hash:16a21f464119ea7fad1d3660de963637

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:23
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/sh
                                                                                Arguments:sh -c "locale -a | grep -F .utf8 "
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:23
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/sh
                                                                                Arguments:-
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:23
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/locale
                                                                                Arguments:locale -a
                                                                                File size:58944 bytes
                                                                                MD5 hash:c72a78792469db86d91369c9057f20d2

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:23
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/bin/sh
                                                                                Arguments:-
                                                                                File size:129816 bytes
                                                                                MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:23
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/grep
                                                                                Arguments:grep -F .utf8
                                                                                File size:199136 bytes
                                                                                MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:24
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:42:24
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/policykit-1/polkitd
                                                                                Arguments:/usr/lib/policykit-1/polkitd --no-debug
                                                                                File size:121504 bytes
                                                                                MD5 hash:8efc9b4b5b524210ad2ea1954a9d0e69

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:43:36
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:43:36
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/dbus-daemon
                                                                                Arguments:/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
                                                                                File size:249032 bytes
                                                                                MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:43:36
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:43:36
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/bin/pulseaudio
                                                                                Arguments:/usr/bin/pulseaudio --daemonize=no --log-target=journal
                                                                                File size:100832 bytes
                                                                                MD5 hash:0c3b4c789d8ffb12b25507f27e14c186

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:43:36
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/lib/systemd/systemd
                                                                                Arguments:-
                                                                                File size:1620224 bytes
                                                                                MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                                Chronological Activities


                                                                                General

                                                                                Start time (UTC):10:43:36
                                                                                Start date (UTC):06/12/2024
                                                                                Path:/usr/libexec/rtkit-daemon
                                                                                Arguments:/usr/libexec/rtkit-daemon
                                                                                File size:68096 bytes
                                                                                MD5 hash:df0cacf1db4ec95ac70f5b6e06b8ffd7

                                                                                Chronological Activities